home

installer.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from www.bitstownpackage.com.
MD5:
e865aca94fff43ec8605c4a1b754351f

SHA-1:
99073954729eb5ba9a2c6441eb987ef561d9bf1a

SHA-256:
f71f9fcfbc5f7400485371f3d0fa17219a52707509872457a14a8867c111a4b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 5:48:59 PM UTC  (today)

File size:
380 KB (389,120 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
2/3/2016 8:41:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:xMmn61DbvUyuquYAxcQ4l3CcrET7+e4089pOQ+kY2LivVss0F7wi6WR+:Z61M3quYK4lSyET7+/pOQ+kYSiKd8i6f

Entry address:
0x40F2D

Entry point:
4E, 18, EA, FE, CC, C7, C0, 27, 1A, 5E, D9, 69, D8, E0, 7F, 7E, 54, 03, FB, 85, FF, 85, C8, 72, 02, 18, CC, 8D, 05, A4, 64, C0, 22, 3B, DD, F7, C3, FB, 4A, 1D, D9, 00, D3, B7, A9, 30, F9, 8D, 3D, E3, 5D, B2, D9, 42, 86, C2, E8, C1, 00, 00, 00, 33, C0, 33, FB, 0F, AF, EE, 84, C0, C6, C5, A7, 86, D2, 8D, 15, A2, 5E, 74, 8E, 46, 87, D1, 8D, 15, B8, 63, 9C, 15, 77, 07, 8A, F0, BE, 15, F5, 8B, EF, 69, D2, D1, 60, 5D, 1E, 80, DE, F0, 80, CA, 8A, 6A, 00, 59, C7, C6, C2, 07, A7, D8, 81, C9, 25, F9, FF, FF, BA, B1...
 
[+]

Entropy:
7.7583  (probably packed)

Code size:
284 KB (290,816 bytes)

The file installer.exe has been seen being distributed by the following URL.

http://www.bitstownpackage.com/.../installer.exe

Scan installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.