installplus500.exe

Downloader

Plus500 LTD

This is a setup program which is used to install the application. This is the uninstaller utility registered in the Windows Control Panel for the program Plus500. The file has been seen being downloaded from download.plus500.cz.
Publisher:
Plus500 LTD  (signed and verified)

Product:
Downloader

Version:
24, 24, 24, 24

MD5:
6cde473acec81225cb26ff03ee5bbb75

SHA-1:
25ae6609faeff9ddc1a8af92f84eb2b715970341

SHA-256:
1fcdd9bd74daa4c69db49f947665ec47627db88df055f09439c759333e843cdc

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/5/2024 10:53:45 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Downware.9669
9.0.1.048

F-Secure
Gen:Variant.Adware.Mikey
11.2016-17-02_4

Trend Micro House Call
HV_ZYX_BK08273A.TOMC
7.2.48

File size:
375.5 KB (384,488 bytes)

Product version:
24, 24, 24, 24

Copyright:
Copyright 2008

Original file name:
Downloader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\installplus500.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/20/2014 2:00:00 AM

Valid to:
7/10/2016 1:59:59 AM

Subject:
CN=Plus500 LTD, O=Plus500 LTD, L=Haifa, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
031183F8BA44C6DB1F7305BE0C6A6689

File PE Metadata
Compilation timestamp:
2/24/2014 1:25:52 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:vbr4/Uu59fyzp+V7uYQshpFT9Si2o0Yo+155Hs:T8/Uu59fMpQ7LQshpxxz0D+15q

Entry address:
0x30D7E

Entry point:
E8, 10, B5, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 28, 53, 56, FF, 75, 0C, 8D, 4D, F0, E8, 4B, F6, FF, FF, 8B, 75, 08, 33, DB, 3B, F3, 75, 28, E8, C5, 26, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 10, DC, FF, FF, 83, C4, 14, 38, 5D, FC, 74, 07, 8B, 45, F8, 83, 60, 70, FD, D9, EE, EB, 61, 8B, 45, F0, 83, B8, AC, 00, 00, 00, 01, 7E, 14, 8D, 45, F0, 50, 0F, B6, 06, 6A, 08, 50, E8, C6, A8, 00, 00, 83, C4, 0C, EB, 10, 0F, B6, 0E, 8B, 80, C8, 00, 00, 00, 0F, B7, 04, 48, 83, E0, 08...
 
[+]

Code size:
287 KB (293,888 bytes)

Program Uninstaller
Program name:
Plus500

Uninstall string:
C:\Program Files (x86)\Plus500\Plus500.exe /uninstall


The file installplus500.exe has been seen being distributed by the following URL.

Scan installplus500.exe - Powered by Reason Core Security