» npp.6.5.1.installer.exe
Overview
Analysis
File Details
Programs (2)
Downloads (24)

npp.6.5.1.installer.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from notepad-plus-plus.org and multiple other hosts.

File name:

MD5:

9bcbcc9e9f13798aa59164c348da764d

SHA-1:

7154f5283b01663d993098459fcc276af4615e08

SHA-256:

d42fe7e3fd4ee26cae5aa249e5ae4ece921f736f4c6b2a2d0f203da0d7f9e155

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 8:51:08 PM UTC (today)

File size:

7.2 MB (7,520,740 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\temp\npp.6.5.1.installer.exe

File PE Metadata

Compilation timestamp:

2/24/2012 2:20:04 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

196608:XNZ8xoYvAfaYVQifm1VD9J8/bdBQWc+7PyzbOMkCMMyMM5:XNIJPYuifm1VD9J8/f7MyGjM5

Entry address:

0x38AF

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, C0, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 36, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 84, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 18, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 06, 27, 00, 00... 
[+]

Entropy:

7.9887

Packer / compiler:

Nullsoft install system v2.x

Code size:

29 KB (29,696 bytes)

The file npp.6.5.1.installer.exe has been discovered within the following programs.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

Overlook Fing by Overlook

http:\\www.overlooksoft.com

About 2% of users remove it

The file npp.6.5.1.installer.exe has been seen being distributed by the following 24 URLs.

http://notepad-plus-plus.org/repository/6.x/.../npp.6.5.1.Installer.exe

https://dl-web.dropbox.com/.../npp.6.5.1.Installer.exe

http://fs30.filehippo.com/2134/.../npp.6.5.1.Installer.exe

http://filehippo.com/download/file/.../

http://software-files-a.cnet.com/s/software/13/43/73/.../npp.6.5.1.Installer.exe

http://fs32.filehippo.com/9199/.../npp.6.5.1.Installer.exe

http://www.filehippo.com/download/file/.../

http://soft.archive2.clubic.com/files/fa77d07a87b2579cc7735b9f5ba03665/529fcbaa/.../notepad_6-5-1_fr_9567.exe

http://soft.archive1.clubic.com/files/64a53d5b2abe9c9c8840f06486f82048/529dfaa5/.../notepad_6-5-1_fr_9567.exe

http://filehippo.com/download/file/.../

http://fs41.filehippo.com/4574/.../npp.6.5.1.Installer.exe

http://soft.archive2.clubic.com/files/b086a07f27a2f0c27f43d0c6d6f863d2/5295e419/.../notepad_6-5-1_fr_9567.exe

http://113.171.224.246/.../npp.6.5.1.Installer.exe

http://download1us.softpedia.com/dl/496d5e4b49c302759d2b00dbc32fdf1f/52a137c2/100013216/software/.../npp.6.5.1.Installer.exe

http://installs.sevas-s.com/.../notepad-6.5.1.exe&u={AC8754CF-E1B0-48CD-A2CB-56B11D9E8DB7}

http://d4.sevas-s.com/fas/.../notepad-6.5.1.exe

http://installs.sevas-s.com/.../notepad-6.5.1.exe&u={BB682410-5CEE-426B-A451-2462F4A05AC3}

http://d.sevas-s.com/fas/.../notepad-6.5.1.exe

http://filehippo.com/download/file/.../

http://fs31.filehippo.com/5542/.../npp.6.5.1.Installer.exe

http://www.filepuma.com/file/1385047605c4486/notepad_6.5.1/.../0/

http://dl.cdn.chip.de/downloads/.../npp.6.5.1.Installer.exe

https://dl.dropboxusercontent.com/s/.../npp.6.5.1.Installer.exe

http://download.tuxfamily.org/notepadplus/.../npp.6.5.1.Installer.exe

Scan npp.6.5.1.installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.