mp3tagv280setup.exe

Florian Heidenreich

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from indir.gezginler.net and multiple other hosts.
Publisher:
Florian Heidenreich  (signed and verified)

MD5:
eb3bb4297d3f83e66295d01bef10c391

SHA-1:
10236c050a4f2807e657382bc231fd3379e86d2f

SHA-256:
99cd2109f42077e9ad9a8e3aafe4c53253bdb3e6c0bb2621443327a7487f7249

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:29:28 PM UTC  (today)

File size:
3.1 MB (3,202,408 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\mp3tagv280setup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/23/2015 2:00:00 AM

Valid to:
9/23/2018 1:59:59 AM

Subject:
CN=Florian Heidenreich, O=Florian Heidenreich, STREET=Erlenstrasse 18, L=Dresden, S=Saxony, PostalCode=01097, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DB71B0770CA8E10635C9F965878AA7DF

File PE Metadata
Compilation timestamp:
4/2/2016 5:20:09 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:ijelgUugt9GX88BVR3GYdHeC1TPi2Ykd/:ijelgib7OR3G4K2Yg

Entry address:
0x326C

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 57, 33, DB, 68, 01, 80, 00, 00, 89, 5C, 24, 20, C7, 44, 24, 14, 30, 91, 40, 00, 89, 5C, 24, 1C, C6, 44, 24, 18, 20, FF, 15, B4, 70, 40, 00, FF, 15, B0, 70, 40, 00, 66, 3D, 06, 00, 74, 11, 53, E8, 07, 2E, 00, 00, 3B, C3, 74, 07, 68, 00, 0C, 00, 00, FF, D0, BE, 80, 72, 40, 00, 56, E8, 83, 2D, 00, 00, 56, FF, 15, AC, 70, 40, 00, 8D, 74, 06, 01, 38, 1E, 75, EB, 6A, 0D, E8, DB, 2D, 00, 00, 6A, 0B, E8, D4, 2D, 00, 00, A3, 64, 3F, 42, 00, FF, 15, 38, 70, 40, 00, 53, FF, 15, 6C...
 
[+]

Entropy:
7.9951

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file mp3tagv280setup.exe has been seen being distributed by the following 20 URLs.

http://indir.gezginler.net/i/3064/.../

http://filehippo.com/es/download/file/.../

http://dl.cdn.chip.de/downloads/.../mp3tagv280setup.exe

http://www.pcwelt.de/download_file?bid=280402

https://dw.uptodown.com/dwn/yQfQMXbuuqMGR-195fqPcGBClajovGlSm4FDwyLoIecb3763LmYw-6KazOKh3z3NpsjdxaMwB0LoX3cHvxZstvSuVPDC5y-By0d39wqhj7JGoMKRMtfYFrJwQcHkV4Ec/cPPt1CGQUQidv18moCMRstF611BJ1Mp7r1x9y8vZMjCk5kLWTHXPq-yYhGXPNSsZV0oHfKK7wIq7hmuYi1aGDllih0Ah7z3OrTKjt_i9RUDChn3wHoKTiZet348j00TO/c23PcIcNKeezeR5A5EblyW8RrOI7A81YqBNIpVn5CRGD1wnG3GO5rgJtoDUdDw3RbN5jPeRBjSfaS-KTogYcjGEodNrsVCUwhXkx4oYkD0n2hpjSxGaNRGGvWczcdUTX/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://low.software.dn.naver.com/56736a82ccf4d7098f577a14f81bc876/.../mp3tagv280setup.exe

http://www.filehorse.com/download/file/.../

http://www.lo4d.com/get-file/mp3-tag/.../

https://dw.uptodown.com/dwn/xoRjoF3-7GiQJVn4EWEjD-6i_DstN67Yp1nS2sxzJPViBtJ5eZXYHKrNDMHvmttoDjVIf55qMGFE763xh4v9uiYbti8dJEMx_i6v66Cz2fywQTVOzh_nwn2Obileucoh/rgWn84SzGTIhohxM3BDJEIZbthe7gFNz5vcIVJ9qwfuNWOAKNSvBEHDLTm7PchDnFC9d9KEwGQzXRC26ZvjeQiyzzlitxnMIBwe9PiHNS-7LorI56ew8QvvKR53aBZcV/ZkHUl21M_Q97iaIiL-X5D6dEfL3qYCE7X3C2cOUwcQypACMVf08f9_S1qb62C61DdlYJqF-zrM9U5h4F3nE-rM_WTkvDCBfLG8ZdlOM9EPTX0obfqpnn6AL6xfGTcQhX/.../

http://www.filepuma.com/file/1481284146c13462/mp3tag_2.80/.../0/

https://dw.uptodown.com/dwn/2f0P0vx3ljmmAza1ma_z7ONftFtyye37NgtZLdnDcOrJ6FIoD2VUqk_Mt-_D5QGqI-g25geYuUgdNskNNtxLZNbWVQLADmHCiUjw_HZjeKJjee1gaBk4qRfQLItlWnbA/QZ0l3p70hFCSOykAkqQHIFzErm5TylGY3y3q3oQQK9LFM3_qDyvnATkCEgvhF_3vyqb0XZl7eQHilonGyYKshNK9xuAc6A-TLtCBqIBJMvcukOEmau2fBY1pSi0OfXze/KJkVNYL2oseu0LjmgkuqqQfNADeS5HnzyYHAAfJpIRRlPU846ENgZIIZ6-Dq6wXzUtMKcYln4e6B-5ofYv_9L_yGnsU0BKQ5l5jXNB2HMIOvpwT_AsOl6GbaUgYwVWQY/.../

https://dw.uptodown.com/dwn/9rp5P1ROL3aJH0p0UOCfwGf9MGbJjD5KWr6zIumLrcja7BWr50yuANfoy9qUp6Fwwm8s-tYYlsLhKMVgt4hrwNnDVPVI-O3o18dBNhUscilV7MZihDW9o6vr3x8dA5qC/LF4TFlAiwXa_sZevgN-NHRPBfFmkM_KUjUQ0S209NI52_RAgKLnCHkf19kS-S84NcM80VlPdA0FoVfg_wr9-1WYePiGeyFMLU2RuESJDGUjdPSQD-UCnETwMxHqPNTAN/Mdb5UNF4nq_EGVfg6BisBZaRSb6WV5XwF7mqGmWid2xlf0oVDm7iLSiL4tp7h8LskqTN1IJZ_lC0YDaNnm0zlaeTM6Meb7CZOAxVJNa6l-iojRVJ2sQr069vWnyFDyVx/.../

http://www.afterdawn.com/software/.../download.cfm?version_id=115380&software_id=602&mirror_id=0&installer=0&perion=0&air_installer=0

https://dw.uptodown.com/dwn/vcIX5wJt-3JRComABUCdUQqsFiOchgkjznXmX19hw1bRFUcnbLPm1QbnWS9nO0ePyrVOiRO8FFM3lFdLfk8NIks1dfWbdyKHrVshAHH0DN3FlGmUvAfv4cLbGaIqAi6e/_3_3onRUOohQi6K6FY0Y_ldRmqb60Qawqf3Kv91P83qJOJmV04K0v3YTh2B9C28xIiQ0f4t--6vKbFhYr03PmsyT0V9JqSY9L_9TsvmSkT2xjA1Fhn-I7eoTbycZOTpS/RDzlHxA1gkLWGbPvZSc2-hMkEfHSJHwvrpsr8UIdIokmstuF8lDD9w3iRvuL_xOxFJCbrwQ0whlwORiiisNVVq6ZLTegKoMyT-KaFRXcnUROfo4IG43FsqRXWtBg1sdK/.../

http://indir.gezginler.net/i/3064/.../

http://www.filecroco.com/files/.../mp3tagv280setup.exe

http://www.free-codecs.com/download_soft.php?d=221953054470b04fb6e5dac859ae8506&s=211&r=&f=mp3tag.htm

http://download.mp3tag.de/mp3tagv280setup.exe

Scan mp3tagv280setup.exe - Powered by Reason Core Security