home

openfreely_setup.exe

Open Freely

Download Freely, LLC

The application openfreely_setup.exe, “Open Freely Setup ” by Download Freely has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. This file is typically installed with the program Open Freely by Download Freely, LLC. The file has been seen being downloaded from ftp-stahuj.centrum.cz.
Publisher:
Download Freely, LLC   (signed by Download Freely, LLC)

Product:
Open Freely

Description:
Open Freely Setup

MD5:
7f4172b53e86b92aa65101a80d592c88

SHA-1:
98d884bbd1cfd750f1cc8c7aa646fb0381edc6ae

SHA-256:
e4bb141ac00f297e0441831493db56d04f77094d955f6e93d4758f80fedcecc8

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 1:10:12 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Download.Installer (M)
16.3.8.22

File size:
29.2 MB (30,617,800 bytes)

Product version:
1.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\openfreely_setup.exe

Digital Signature
Signed by:
Download Freely, LLC

Authority:
VeriSign, Inc.

Valid from:
8/9/2011 5:00:00 PM

Valid to:
8/9/2012 4:59:59 PM

Subject:
CN="Download Freely, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Download Freely, LLC", L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4ADBABB3053A2C52ADBEFC8B236D039A

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:X0vqhp7K1LcS/27BJuxc1fMuI3PXFN7aOMktZeGzW00UTIAReg+StuFjTe4uLFzj:X0CPILu9JMH1xaZ3Gz+2AnFjTe4uRUE

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
8.0000

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file openfreely_setup.exe has been discovered within the following program.

Open Freely  by Download Freely, LLC
Publisher's description - “Open Freely is a piece of software which will open over 100 different file types for Windows® machines. Not only will it allow you to view, edit and print your images and documents but you may also view videos and listen to audio files.”
www.openfreely.com
56% remove it
 
Powered by Should I Remove It?

The file openfreely_setup.exe has been seen being distributed by the following URL.

http://ftp-stahuj.centrum.cz/dl/0b6a8028e5a74dda0190ea8344d02013/585070a0/stahuj/download/software/secured/o/open-freely/.../openfreely_setup.exe

Remove openfreely_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.