home

pms-setup-windows-1.10.51.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
MD5:
8c52e4b2407dc704c6722b4bac05733a

SHA-1:
ecf4de1defa00bb9226bf9fad0cecdf95732e37d

SHA-256:
a948f59dd857fb46cd30f8aa27bed877b2785f41fe000a3631c2581181981a9b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/5/2024 7:37:05 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.131227

File size:
14.6 MB (15,314,705 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pms-setup-windows-1.10.51.exe

File PE Metadata
Compilation timestamp:
12/20/2008 4:41:03 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:CcEx3apxJnSHx+sYeDN0RF+8++v7BTJBePQNt:N9g+R8N0RECTJB6it

Entry address:
0x3233

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 02, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, B9, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, A7, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file pms-setup-windows-1.10.51.exe has been seen being distributed by the following 22 URLs.

http://dw.uptodown.com/dwn/w54nn8yXQZfTwYnm_f9MLFfzQzlRzGvmE3X383TWpsrvrRFxi000yj5v57BE43Y3M6V45bpO0B-WgReKgEH8coeTruQn8T_XdOaII6HzpWNpxnNVZy30A6S9S4p4Saiy/jAsq8Qynf-R0cz16n57I5Z6YiqtyR4dyI4s5UpuO5KEsbLzZN9BgGVLhblSmNLfRODHcYIrLUM4yOGY0yXq4k8uhkRM6cLdp1DfsZlZJ87E7wQazn6kRJSI018_IeeTY/46e3HjaC2JqDl2A6H6uGgp8eqXI1khBbGhi4BLF7QtGeQRoIJ04_J2pWUz7T5NKzZIEk89PF2-LydkXqoYvuXXMSXYk6dxIahzQ2WYMtvwjXhK_5523uoCOLWQQJUDDK/.../

http://download.uol.com.br/downloads/.../pms-setup-windows-1.10.51.exe

https://dw.uptodown.com/dwn/c4houlLcjvEfcOxc-BGPkkQr56Oc46IN_vGE-ljVcmpK8z3eQsfYuPxlPmZ2Enawe2PKFVw86Itmm4qx-bm1h9rx67yZNUkrlVyhu7bDqx9HinrDlf_8iF0v_2LwBOm4/HqIa95VfVlORJwAoZWXNYNykDlXilcg-J7vx_s7VSc-4wgKdGnnDHFzIVRR26hF_RdCa1jsSC7cCyeGbptvw7FE9-piYpr0LcFihms0qqV-hXXv0B7exnsmd66v8UaaC/o8P27ehBL8JF7vyA_tMZimeGbjdr8LqyTgR1X6K6ISg0Cccz0HIFjSBs-5HhOHpinKc3SqKn19sRZT_894ihzHzjmDwE8fxad2b7GhA7tGEsVbeRbzs3INCXGVRTUPrf/.../

https://dw.uptodown.com/dwn/E9vCMPCmde2jJtk9qlVGDUmanlwhNI2le4fvYs5TLXKMWqGq2kPytMVSrGZHReuDJTiySC2i4lUVK3JircG5DyXZvhTOVUlWdQ3a7jhiQz-OZlxWUAqpfZG4l3zmED-k/ql3CJoiEh-oWCEs5ynTI_POB8neblTnqtYOYi2wwEAJ5T0Zv4VtNSofLZNqp1qofbhS7U7a3ZXL2Lb1KMKW9Aw2GTXd2_O4RlcB6xcMkmW4TftD5oD4GkEti_zk_ct03/0rpRp4h3wBRUrKgD2nXxSwspnAqqEg4J1WkiBhDK-r_WIqvDNu17UFujpmy_IlzZrjJ5bReJNR12mgKEQzWwHRITgfrNuApJ_Rln0SSJvRCYw1qJ0ki41-N7oUn00smN/.../

https://dw.uptodown.com/dwn/GA-p7-N0nDZ9rBlCnco936gl2du-6m9ygYpXa-UZlijMyv6cCSJdJfFapX-uS0_pNg4ZqEPbEdULiRTElqRHOGVf_hDHD8RIcVHNfsYnm05Px8Dl58XfknYb9ob3OEa3/K5QhKa0E1KzIirGtiL9JjPvxXtkBpL3OwDGbl5An13gfOebT0Yy2nbRGtmAYouSjLILMfO_Y8t7VNoUm2y-F5IPrDI4bHt2lToTbKFt1em2-yjmpFay2kPQBP7DIoRfg/.../

https://dw.uptodown.com/dwn/e-DdAU2fFy9Tm9mB4N5AwE35uuAzkqpSOLr2LWnS00vJHF4YaA0QZbwZ6MiDQra5-wezRp7OSoeXZvYJ0S6o3cY6RVF8vYvZcQnFKzrGnhrQvCVXvRHK8TbQrREFJXHC/rcZ5uJYkuySwAW8KwjMQAD6mEzoqyCUClVQ3pHABoXg0mUodWVw0KJUgR788xaf_U6k14HK4ypaVfbyzjrz8eauey8SCGl6LxmUmPnnImkrS5KdbWOtq0ouQmLvOwA9h/CTTD3l5_TgQAklO5Jae0y3o-Duh2SqSzGsfrzV5KW-MbRR_iBBljpr_b_BYNAm281y0PkJUSXlFU_WfMQ1nRkn9xM5ghmVcFrglI75tc9f7WNmR-XsHU035OehXb0yJa/.../

http://ec.ccm2.net/es.ccm.net/download/.../pms-setup-windows-1.10.51.exe

http://dl15.afterdawn.com/download/c723076d439336c579f3786f1fb59c78/5739d4f5/.../pms-setup-windows-1.10.51.exe

http://dw.uptodown.com/dwn/tKAAZKWznY-flom_eeNTMfoi66LDizSUc1R9iesWiH8X_lJkhKu0NDTZA4WysCiMZlDUxr75k5zxKjnUxneGb7IpzkI0OiPstRN5ffsAv-U4XmuooV9orqjC8EttiZRo/cPlgc3a0ZMpcAS5-cP5UepA9NbL3P4VsoV8tGa6kWEJnIkAgqlcf2y0_BuoDFPt2IymkESbLVbRfMRuWonyxTgyngrTbajtfdxxLN1UOhVqMkXZ-npsxA_gn6g0RKJp0/.../

http://s10090.chomikuj.pl/File.aspx?e=oxJSjxCuDQpKxbWnZjAfHfuuHAq_uYsLHptLebBUvqAMns_pk2TowdB8FGSikNpFWTLB651ivuowyVScwwsgsNA1C3ft2eTzW4plIqpiCw6QI-xI2JT3818x-6SgPSNrqP8CkZ0yHwb7UxwGkChtxw&pv=2

http://download3.fyxm.net/57/.../pms-setup-windows-1.10.51.exe

http://download3.fyxm.net/download.php?id=57562

http://downloads.fyxm.net/download-file-57562.html

https://ps3mediaserver.googlecode.com/.../pms-setup-windows-1.10.51.exe

http://dl13.afterdawn.com/download/fda85cc5314aae202175536e6c82ee1a/52e4107b/.../pms-setup-windows-1.10.51.exe

http://dl13.afterdawn.com/download/bf3ecee2f77b63cb2f3bbe52421d3603/52e41039/.../pms-setup-windows-1.10.51.exe

http://dl13.afterdawn.com/download/cc33773c4341533614fba21ec2bbaacb/52e40e06/.../pms-setup-windows-1.10.51.exe

http://dl7.afterdawn.com/download/9013a8579172e5431ac5624fa0f67415/52e40dcc/.../pms-setup-windows-1.10.51.exe

http://dl14.afterdawn.com/download/9135ca8f04a7fecaf3f5836b59db6566/52e40d78/.../pms-setup-windows-1.10.51.exe

http://www.afterdawn.com/software/.../download.cfm?version_id=17813&software_id=1984&mirror_id=0&installer=0

http://ps3mediaserver.googlecode.com/.../pms-setup-windows-1.10.51.exe

http://en.kioskea.net/download/.../download-5850-ps3-media-server

Scan pms-setup-windows-1.10.51.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.