» KLPassDecryptSetup.exe
Overview
Analysis
File Details
Downloads (12)

KLPassDecryptSetup.exe

Asterisk Password Decryptor

KRyLack Software

This is a setup and installation application. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

Publisher:

KRyLack Software

Product:

Asterisk Password Decryptor

Version:

3.16.102

MD5:

8a3ac7d44891d38c57a4a9fdde138205

SHA-1:

2a40b128335fb55b84ed0f4d3e2440170beae7b3

SHA-256:

7fbefe52051ac51e42658b15dc09d54dc89388771e17b11f331ce988c2fa245e

Scanner detections:

3 / 68

Status:

Clean (3 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/14/2025 9:06:01 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/PSWTool.IEPasswordsRevealer.A potentially unsafe (variant)

9.11566

McAfee

Artemis!8A3AC7D44891

5600.6774

Trend Micro House Call

Suspicious_GEN.F47V0327

7.2.125

File size:

2.7 MB (2,840,004 bytes)

Product version:

3.16.102

Original file name:

KLPassDecryptSetup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

3/21/2013 8:52:43 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

49152:+2rWTBNfNxNkNJNLNtNwNw8MCCuu2EZ+dM8uQ3s6KRRpmpGTXt9fprIcKF+GwiOc:rWLlHW/Zb6w8MCCtoy8uSk3YGTprIchc

Entry address:

0x2DFBE

Entry point:

55, 8B, EC, 83, EC, 44, 56, 57, FF, 15, 6C, 01, 43, 00, 8B, F0, 85, F6, 75, 04, 6A, FF, EB, 7C, E8, 21, FD, FF, FF, 8A, 06, 3C, 22, 8B, 3D, 48, 03, 43, 00, 75, 15, 56, FF, D7, 8B, F0, 8A, 06, 3C, 22, 74, 1E, 84, C0, 75, F1, 3C, 22, 75, 1B, EB, 14, 3C, 20, 7E, 15, 56, FF, D7, 8B, F0, 80, 3E, 20, 7F, F6, EB, 09, 3C, 20, 7F, 0B, 56, FF, D7, 8B, F0, 8A, 06, 84, C0, 75, F1, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, A0, 01, 43, 00, F6, 45, E8, 01, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

185.5 KB (189,952 bytes)

The file KLPassDecryptSetup.exe has been seen being distributed by the following 12 URLs.

http://dw.uptodown.com/dwn/4zMoYJa9XMYmKdNEM7p5LuNou8CEQ4vIyNxKVRhdtlUN8vIDlhM4LPIbbyuzJOL2XY7e5afGEsDx6FS90SCIs7zBagvsGrnMIUJSeUyEq8-nI4ew8jUwuK12Ycxw183Q/EAiVYisGThqo-j2VPCNXTUwctpbCn6oK4A3E0LzG12uQ3iJ8Ev8DKxD9fFbjW-KvCkEPD4pVz0oCQr4-eNOmx_Yfd_EdIsGVy8wcBj7iyM3SxkSFrWll2m60iz0ZHKgc/GTrZMso4KIe0pSwA4LZVwBwRf3hVeWB13uwOfzHlSCkTMFcaCzlQ3MD3vpA62X1yagxbq-F3i3geeXIiO1Ndqa07HCh3wUHT6pdBbSApvALR8kBU9wiTJHTfjrVnUCmb/.../

http://dw.uptodown.com/dwn/uLEk7Z44vcObqEMuhV-Lpn_qpxWG6GhX6YdRoLHqPGB0KDoRpep0o2NUqZ266Y21MwQjvlzgwiaVZqMPjNmfbiOPGzUJktsw4mZ98rYnfB6dSjapqeGuUsY9Vv7PveCb/m4naMCA5uXnfC-La_FCsn_CrylJ4u3cXZokUcDmS8vW1Zd1FDCLOi5OTEThggb8wvBxKGcVgDFavUSpdJipVvZcKWy3OdJMGDWxnu64T0BnTyxOgnu9EM0jTm7W1tU3B/uZXJs5O9zXFB6z9Un9eQlL5b4j25pEMfD8r_EAnoBhV05pj8m_p-VF9sDC9JjJ03Dp55jxkOJM0cQmacRWtw8nnZqRiBfIR8D5z1nWPC_PuvULbrzeTsoMwZO9-GDT_s/.../

https://dw.uptodown.com/dwn/x7a7HkaYnT__1QffQXMq1eUBdk-uitjz2VWF8zevLv6tUZuYC7qIe4rVgYBDDpSBSukl0LQKitAyvKR036rFv-S-2vUlPi6fReaJDEqyQXfzFl33goFs_Yg4prk228Ck/DQ8RRjDjHKogGbpDxIiJy5CQbobRpFJhRROcgSJ6MwFz2XRxvVfz0qrKo80wejM2bkFXJKfngkEqkpnLRcEmGV7DVv2mQ1wA_DioYkdnX-nGcUyqljtYM0ZuVPD9TuFp/QY6pmIMrjX4JfGunTpuhBEG_kgieps99_qnvosQV8iV_dmCjdnjGLQLKltqTZHFKqcuiUuXlyBE-9ImfnkBfDVz16IndNp887p3WjMZWTx5bJcurM9EMK7OugaW4feTx/.../

https://dw.uptodown.com/dwn/e4dQ2KoHl2cvJrTUe9J9iDX7cmNfBe8Rxw7OMu9Rq-qhvjxeuxrjmf5j2RMaQVfBLkntSrQqeDz-9tlyWh61p2VC7l2h-sfG21ka850vrYUn-LlkxzI9XNHNIbKHYzaF/P4-7RhYAYPR0w5IheAR-ViB4NNi41vPhAWmklaRLjxieiuveL8lBTKKMqK6rjKWQ9YH_dwc37IbZQLv0eb9MBm-l8yMYve-WT59fC9UFt5ImL2Cgx-I281Tp_fLYR7tm/SGhxAsqzA7dNVXv1oJ9WuFtx5m6IxKr635imDH2oJJNbHyWT0f7uqF6Hhzk3dZIDIG4M59Do4dHTtwZkVzgroWLGs-HLzwx3Hl_xdzUIgOgIy9huN4SeQUsGwRDR3U1r/.../

http://dw.uptodown.com/dwn/OeP7vr9tEMJrV77c3g1KOXKIZSR1CdRuBG-TxIwDT5FMLvXganWW29f1iQOt5JZSp8OSNrCV8k4euS9AHDxophvOdx7iORFIOqXrfF27h8Pu9Tcw_3eKxZqJD-XNPdpo/sYDUAhGlPaNn4DnCxzK1tIL52bhK8Yq0d721twDVD_nhclrT-pEwE2aGuBrqzhV6ATyMO2zqoDc_HZDa2hSJnSPgGVx7yKnO48Pes29ihj0TFVCVM87w8lRC66foZuWs/flRUcC8Wl8CEOWp46qo0elyqmim6_ypXUpgxID31zwPDTSBMYv_7rxEAitYxuYst65-riYbgMF_VaOhpUfr5wOtNZXpGFfWJe3YnrVLfNck4ZrgqY2RGOPtQ9G-hi99N/.../

http://www.lo4d.com/get-file/asterisk-password-decryptor/.../

https://dw.uptodown.com/dwn/wgJ7CCSW1kILsVHUdx5OgF6rVnhF2emJr9PrtZxvUI3D5cRSUDtXxpB9D6-sv2RLc0yWWttpTSZwejLX5VpDywyAqx8X8V7G8eqvzNVoIqVpdadpwIELh_GeyZp0wshd/_5uKycV3BMKYP3iJuCXRJ9spE5I5fT9i6NeL1U8G_EZ09tOTCPjy7c4CeCpWzRp8q0RS_TVI4KWq_Z3mZtV-de1pcsLznSatzi2zG6CU8aKu3LzOYGc3LUJVP3ByHG1M/1y7nsnywnASk3GiWhMwrnWwypkOaZobk-rBG5ks_fAUKVVTcKjDE9cRCoAAw3N-iPfMmV3KIeGIYGH8Lsp_DZCbhpaFCmm1iCuFfGvYmKTuhAgmwrTc4kesllor3HD18/.../

https://dw.uptodown.com/dwn/w2wLVVZkxK81Qq2L08zrkLHsmbWxzfDwpUZOn_8nJwH85H8-0MNLe5SAD56djza8c_Cl5KWuX-Oh630Ao6HK0JeKLD-QB9xBlPaqQ9BID5wwHUp1O8va7y5S0ahQLQMY/9mL_caCHsKrdZxS_8bdiwpqMYE6AHD7vddDerFwxNnnbOZsYuYZa0BFxcJnyVHf-vzS5CDMe0sSqGjOx8zAZWJ4yr3xMXK_e-yOpQjDZUHxX70iVBnU6AgBZelglrOEV/5wfoaZ87RH8pUA2w_Ie7e08ppz-r50EKYuNDx01V8sJ-RWniFQVGVveg5hVXaCgKCI96NXAWA8JdueLfcL6ptw7Bckf_34_uAFzvCrzCDBqBEqBnYYCXTxMX9fVvS5gX/.../

http://files.downloadnow.com/s/software/14/.../12/.../KLPassDecryptSetup.exe

http://dl.krylack.com/KLPassDecryptSetup.exe

http://gsf-cf.softonic.com/2a4/0b1/.../KLPassDecryptSetup.exe

http://global-shared-files-lw.softonic.com/2a4/0b1/.../KLPassDecryptSetup.exe

Scan KLPassDecryptSetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.