local1file.exe

Haiyu Dongxiang Co.,Ltd.

Publisher:
Haiyu Dongxiang Co.,Ltd.  (signed and verified)

MD5:
f5050ef3e4e2b90b4a89cc95aa3530e5

SHA-1:
30153a1966b58845b48da020b2ba138115ada2ec

SHA-256:
664a22b7233553c2ffa885c84e18acde7622e2d604752ccc484c2a2f85da9bf7

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/2/2024 9:20:29 AM UTC

Scan engine:
Dr.Web

Detection:
c:\users\test\appdata\local\temp\3015a6656393586e011358262f78dcb13d97349c c:\users\test\appdata\loca

Engine version:
9.0.1.05190

File size:
9 MB (9,448,104 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\local1file.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/27/2015 7:00:00 AM

Valid to:
8/26/2016 6:59:59 AM

Subject:
CN="Haiyu Dongxiang Co.,Ltd.", O="Haiyu Dongxiang Co.,Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2B86748125644541E9D799554A0D8F15

File PE Metadata
Compilation timestamp:
5/3/2016 4:55:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:GFICDPXKMyLysX3fZHbRw85DYYCwHOgm+A:GXDaNHfTj+wHA

Entry address:
0x97493

Entry point:
E8, FC, F8, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C, 24...
 

Entropy:
7.1684

Code size:
722 KB (739,328 bytes)

The file local1file.exe has been seen being distributed by the following 50 URLs.


Latest 30 of 138 download URLs

Scan local1file.exe - Powered by Reason Core Security