home

nsbubetadownloader.exe

Norton Download Manager

Symantec Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from us.norton.com.
Publisher:
Symantec Corporation  (signed and verified)

Product:
Norton Download Manager

Version:
5.1.0.59

MD5:
f9aeaea3b109f834130a6486b2af69d2

SHA-1:
ecdea3d39dc71dc23f74b1bc962d6a77b494b9dd

SHA-256:
b6f0594f8f9da80f517fa684c1458b110662141a32a2322fb0d6bd3a197b77b1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 4:34:11 AM UTC  (today)

File size:
1 MB (1,072,736 bytes)

Product version:
5.1.0

Copyright:
Copyright (c) 1997-2015 Symantec Corporation

Original file name:
fsdui.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\nsbubetadownloader.exe

Digital Signature
Signed by:
Symantec Corporation

Authority:
VeriSign, Inc.

Valid from:
4/5/2015 8:00:00 PM

Valid to:
7/5/2016 7:59:59 PM

Subject:
CN=Symantec Corporation, OU=Norton Business Unit, O=Symantec Corporation, L=Culver City, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5C61F2C32FFB8A0BAEAD0F61CF07ABDE

File PE Metadata
Compilation timestamp:
3/27/2015 3:17:23 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:fURrivrZrYQL/wSPU8Fmnc/8bdms1eP5l90T6pvsFM9h+9e:fcoVrXbwOU82cknez9iuP

Entry address:
0x1000

Entry point:
B8, A0, A8, 8F, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, D1, 8E, E5, 81, 2F, 42, 91, C6, DC, 5A, A9, EC, 1A, 83, A4, 8E, 45, 75, FF, 78, 08, 11, A6, 9D, E3, C5, D6, 8C, C5, 53, 2C, C9, B3, 5A, BD, CB, D7, 24, CA, B4, 27, 43, 39, 9A, D5, 92, 11, CD, 88, 30, A6, EF, 67, 97, D8, B5, F7, B5, FD, 28, 5A, 70, 92, 41, 66, CF, 49, 0E, C7, 40, 5E, 74, B2, B3, 58, 02, 9D, 43, 1D, B7, 60, AA, 43, D7, 0A, 40, 4C, 4E, 35, FA, 29, DD, 48...
 
[+]

Entropy:
7.9548

Packer / compiler:
PECompact v2

Code size:
2.3 MB (2,413,056 bytes)

The file nsbubetadownloader.exe has been seen being distributed by the following URL.

http://us.norton.com/beta/downloads/.../NSBUBetaDownloader.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.