home

installer.exe

This is a self-extracting archive and installer. The file has been seen being downloaded from www.bestbulkclear.com.
MD5:
46eeb817a74f72c29e015c64704bf043

SHA-1:
a1e23bdccedced6b76b18039972cd8b481cf0872

SHA-256:
0a0b66ec126fbed0e9aec3464669081a5d465b8321873c4c0e104921ea7cbb41

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/7/2024 10:34:31 PM UTC  (today)

File size:
392 KB (401,408 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
2/3/2016 7:55:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:yah+DF/wPal6mrc3dXg17cF86tlfUJJRrAwwktDHzjsJo:yahw6S83lU7s8WUR0wJt7sm

Entry address:
0x43A64

Entry point:
1B, F3, 4B, 8D, 0D, F3, 49, 6D, 3E, 51, 8D, 2D, EB, EA, 04, 31, 5D, 8D, 35, B6, FC, CC, A9, F6, D3, 33, C5, 8D, 35, 12, 7D, 38, 63, 71, 0C, 8D, 2D, EC, 7B, D2, C0, 08, F5, B7, 06, 0F, C8, 11, F1, 68, BC, 67, C1, 00, 73, 05, 0F, AF, D7, F6, DB, E8, 08, 00, 00, 00, 0F, AF, FE, 0F, B6, FB, 3B, EE, 0F, BF, D0, 32, FC, 8A, ED, 69, F7, EB, A3, BF, F6, 88, D7, 0B, F7, 13, D9, 8D, 13, FF, C3, 72, 0A, 0F, CE, 0F, BE, F6, 46, 23, DF, 87, F3, 52, 73, 03, C6, C7, 61, 5D, 13, D6, EB, 02, F6, DE, 55, 49, 59, 2B, DF, 8D...
 
[+]

Entropy:
7.7680  (probably packed)

Code size:
292 KB (299,008 bytes)

The file installer.exe has been seen being distributed by the following URL.

http://www.bestbulkclear.com/.../installer.exe

Scan installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.