lightspark-0.5.3-win32.exe

The executable lightspark-0.5.3-win32.exe has been detected as malware by 1 anti-virus scanner. This is a setup program which is used to install the application. The file has been seen being downloaded from www.vaultsbinariesvaults.com and multiple other hosts.
MD5:
2d9b0986e91ffac61ada0799a9dc9afb

SHA-1:
274b6e3c6f36b37984e785fb74acc15f724ddceb

SHA-256:
65f14bfce06c68ffb379c649c680b911989d9af8092cfdefb2d9ef0c842dddce

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/24/2024 12:19:22 AM UTC

Scan engine | Detection | Engine version
Reason Heuristics | (M) | 16.6.18.0

File size:
14.3 MB (15,034,686 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\install\lightspark-0.5.3-win32.exe

File PE Metadata
Compilation timestamp:
8/30/2011 8:46:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.21

CTPH (ssdeep):
196608:P+zYVSJYvM/sP9ABDPhF4WgrjMk/UbDLGOesi3YfDPANa0FEfJtDQF1AwADZnrSz:uYwD/sFABDJFArjT/0viwEQXQFuH+UlM

Entry address:
0x4109

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 83, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 84, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 84, 42, 00, 56, A3, 30, 6B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8B, 3B, 00, 00, A3, 8C, 6B, 42, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, A9, B2, 40, 00, FF, 15, AC, 84, 42, 00, 83, EC, 14, C7, 44, 24, 04, AA, B2, 40, 00, C7...
 

Entropy:
7.9994  (probably packed)

Code size:
34 KB (34,816 bytes)

The file lightspark-0.5.3-win32.exe has been seen being distributed by the following 15 URLs.

