opera_17.0.1241.53_setup.exe

Opera Software ASA

This is a setup and installation application. The file has been seen being downloaded from www.filehippo.com and multiple other hosts.
Publisher:
Opera Software ASA  (signed and verified)

MD5:
e23f4adfc77e73a7978bd025ddf64a65

SHA-1:
ba1e744d1ad0cd651687379ace432f03ef3d0d55

SHA-256:
4c786a2c3aacbe9246ea0f79ed8718fa4a7dd83e6dafc5f8bfd2319d370e109a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 4:57:43 PM UTC  (today)

File size:
32.2 MB (33,727,472 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\windows\temp\avast_ash\opera\opera_17.0.1241.53_setup.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/24/2013 1:00:00 AM

Valid to:
2/16/2016 11:59:59 PM

Subject:
CN=Opera Software ASA, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Opera Software ASA, L=Oslo, S=Oslo, C=NO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1578A42784FCB4416A9A6C033418CD06

File PE Metadata
Compilation timestamp:
12/30/2012 8:49:43 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
786432:OX+PZbM2/vfUv4a5thyvng8EsQLJzz9qU4c97RB//wcLVf+Oyt:XPZbM2/Uv4a5byPg8AJFF3t5/FLVftyt

Entry address:
0x12DCF

Entry point:
55, 8B, EC, 6A, FF, 68, 50, 5E, 41, 00, 68, 60, 2F, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, DC, 41, 41, 00, 59, 83, 0D, 84, A9, 41, 00, FF, 83, 0D, 88, A9, 41, 00, FF, FF, 15, E0, 41, 41, 00, 8B, 0D, 7C, 89, 41, 00, 89, 08, FF, 15, E4, 41, 41, 00, 8B, 0D, 78, 89, 41, 00, 89, 08, A1, E8, 41, 41, 00, 8B, 00, A3, 80, A9, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, 50, 87, 41, 00, 75, 0C, 68, 58, 2F, 41, 00, FF, 15, EC, 41...
 
[+]

Entropy:
7.9981

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
74 KB (75,776 bytes)

The file opera_17.0.1241.53_setup.exe has been discovered within the following program.

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file opera_17.0.1241.53_setup.exe has been seen being distributed by the following 13 URLs.

http://www.filehippo.com/download/file/.../

http://installs.sevas-s.com/.../opera-17.0.1241.53.exe&u={DA803C84-FF49-420C-AB44-F5639309A371}

https://baixades.softcatala.org/?url=http://ftp.opera.com/pub/opera/desktop/17.0.1241.53/.../Opera_17.0.1241.53_Setup.exe&id=6516&mirall=&extern=2&versio=17.0.1241.53&so=win32

http://85.25.41.237/.../Opera_17.0.1241.53_Setup.exe

http://188.138.71.194/.../Opera_17.0.1241.53_Setup.exe