microsoft-powerpoint-2010-32-bits.exe

Generic Internet program

The application microsoft-powerpoint-2010-32-bits.exe, “Generic Internet program Setup”, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from d.mydownloadfiles.com and multiple other hosts.
Product:
Generic Internet program

Description:
Generic Internet program Setup

MD5:
c142493eb476393ce85e8260694b7e60

SHA-1:
34a743852d58c36d52f71cf17ca202b4caa25122

SHA-256:
28fd9b370d61c5d5ece059228f49fed437d00c3b23de5efa0803f7d283e2ae68

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/16/2024 9:47:27 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Installer.Bundler.Installer.Meta (M)

Engine version:
16.2.6.5

File size:
672 KB (688,111 bytes)

Product version:
1.5

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\microsoft-powerpoint-2010-32-bits.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ysvpdGwhWNOlNFCeKNXGvYJbpfoC6dVOq+sXtEuK4ifuRxExubHaP/kY:ysvbGwhi4FC1XnVreXtEgZRxExM6P5

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file microsoft-powerpoint-2010-32-bits.exe has been seen being distributed by the following 4 URLs.

