nero-9.4.12.708b_lite.exe

Nero AG

This is a setup program which is used to install the application. The file has been seen being downloaded from s10200.chomikuj.pl and multiple other hosts.
Publisher:
Nero AG  (signed and verified)

Version:
1.0.0.2

MD5:
07d891e823f3966eab953adb0ac17c76

SHA-1:
6e39888833580cb7ac50873c9f16e810398bbbba

SHA-256:
d9c2e7b483032d80926bb85ecc7d25b261dcade9cf4d5b82e45b5cafd4c6ab2e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 3:46:12 PM UTC  (today)

File size:
31.6 MB (33,177,736 bytes)

Product version:
1.0.0.2

Original file name:
NeroSFX.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\nero-9.4.12.708b_lite.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/11/2009 2:00:00 AM

Valid to:
6/22/2012 1:59:59 AM

Subject:
CN=Nero AG, OU=LEGAL DEPARTMENT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Nero AG, L=Karlsbad, S=Baden Wuerttemberg, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7D71513F7643F5FDBB5855E9FCE34351

File PE Metadata
Compilation timestamp:
2/16/2010 11:02:29 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:k5JhcIIJ2zsLfyxkEOeOtU8ufF4TIAXMs7vzT9:icIQ24LfySEOeOluGtXMs7v9

Entry address:
0x13AE7

Entry point:
E8, D9, 58, 00, 00, E9, 17, FE, FF, FF, 3B, 0D, A0, 3B, 43, 00, 75, 02, F3, C3, E9, 59, 59, 00, 00, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, C8, 1F, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 08, 15, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 18, 5A, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, F7, 22, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8...
 
[+]

Code size:
164 KB (167,936 bytes)

The file nero-9.4.12.708b_lite.exe has been seen being distributed by the following 24 URLs.

http://s10200.chomikuj.pl/File.aspx?e=dl-nDl8mtW6FQj5d0qHnoCYdJ3cxuN04L6-rCQYoO-_2EhqiSRkpEWi0w7NaTfeNMZbY5D6FDm4Qosld9NTg2ZspxsS8h6GN1qwU-x__6Pu4C6j8c18WU8I5qIap6p7AHh4KxrmIlrFQifbckTcM6w&pv=2

http://s10200.chomikuj.pl/File.aspx?e=dl-nDl8mtW6FQj5d0qHnoNsungPtOfqHOQFNGsbwvMt9jMJioMy7ubutqy_hVm_G9QLPtIRfIJSqpQvIalUET0XMcdHG3eB-rOSebMZ_Dn3rWR3QcGFIa-qqTLcK8cLOcheMJOusjysS4pIzsKUgcg&pv=2

http://ftp22.nero.com/Nero9/.../Nero-9.4.12.708b_lite.exe

http://www.videohelp.com/.../Nero-9.4.12.708b_lite.exe

http://ftp-stahuj.centrum.cz/dl/3b757ccdd46ff35907f577485983110e/5844785b/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://www.netzwelt.de/.../14936_2-nero-lite.html?sig=df0036c99811481cb25c4aca420107e9

http://ftp.stahuj.cz/dl/c9950d01bd1f0221ca7b0ae0c73f7db6/4c31a4ef/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://ftp-stahuj.centrum.cz/dl/77a9073ebae1a64073526a6bde0dbf55/56ce386a/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://ftp-stahuj.centrum.cz/dl/2d5ebbeecf53405c072a1d65c3b37c96/561fcfdb/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=44547&down_id=1&ip=41.216.212.88

http://ftp-stahuj.centrum.cz/dl/e5d38f1a09ddab4fbb4d40be639bed2f/5710ecc1/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=44547&down_id=1&ip=124.42.69.82

http://ftp-stahuj.centrum.cz/dl/27e36e72b2568ceddf132f85b974c6cc/57cde760/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://ftp-stahuj.centrum.cz/dl/18b4b0f9341d0964f59569285d75915a/55cdc15a/stahuj/download/software/secured/n/nero-free/9431100/.../Nero-9.4.12.708b_lite.exe

http://www.toplogs.com/.../Nero-9.4.12.708b_lite.exe

Scan nero-9.4.12.708b_lite.exe - Powered by Reason Core Security