intel-gma-3100-15.12.75.4.64.1930.exe

Toggle Downloader

Bibado Investments, S.L.

The application intel-gma-3100-15.12.75.4.64.1930.exe by Bibado Investments, S.L. has been detected as adware by 0 anti-malware scanners. The program is a setup application that uses the Bibado Downloader installer. The file has been seen being downloaded from www.presenttodaycenter.com.
Publisher:
Bibado Investments, S.L.  (signed and verified)

Product:
Toggle Downloader

Version:
1.0.5.52934

MD5:
53a5c449fdae0da0b377398b8e43ce69

SHA-1:
89cfb48e8a1cee212261cdb3b204c8cc5dfa20d9

SHA-256:
79ca6c8a13f185979687aae0f2662a8eeeed27418a64f815085a84cf7a4826d3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/29/2024 5:00:20 AM UTC  (today)

File size:
1.2 MB (1,275,336 bytes)

Product version:
1.0.5.52934

Original file name:
ClickOnceSetup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Bibado Downloader

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\intel-gma-3100-15.12.75.4.64.1930.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/13/2016 2:57:03 AM

Valid to:
4/2/2017 9:32:01 PM

Subject:
CN="Bibado Investments, S.L.", O="Bibado Investments, S.L.", L=Alcorcon, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121212301396FAE08B19C17F8D9578163C9

File PE Metadata
Compilation timestamp:
2/19/2016 12:13:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:exmdsKWEqY0axg2TjCfH5orzzog3V3sltXyTBXWSwlvPd2:ewXUMZEozzog3V8nCdSvA

Entry address:
0x12F91E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.8258

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1.2 MB (1,235,456 bytes)

The file intel-gma-3100-15.12.75.4.64.1930.exe has been seen being distributed by the following URL.
