home

powerdirector_3420_gm7_le_le_vde151231-02.exe

FnPackage Application

This is a setup program which is used to install the application. The file has been seen being downloaded from sharewareonsale.com.
Product:
FnPackage Application

Description:
CyberLink Extractor Utility

Version:
1.00.0505

MD5:
425f5a67b0ef65f2423e2c10b8757e42

SHA-1:
85d211aa752e79037029576d83f5f1d0ce17b760

SHA-256:
d0ebed5d5c3d845cf01195a38d5c180c490ae4399e64f1b455b926a34e4d906b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 11:17:27 AM UTC  (today)

File size:
670.5 MB (703,070,208 bytes)

Product version:
1.00.0505

Copyright:
Copyright (C) 2008

Original file name:
FnPackage.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\powerdirector_3420_gm7_le_le_vde151231-02.exe

File PE Metadata
Compilation timestamp:
5/5/2008 3:14:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12582912:e1MhX6Es0Tlt++5FdM0U3VBMdm9Re4TNwTGiLkhTJD3opEnx2GV+T9NhzpsGuQ:rh6ELhtldhOada046DLkhpMkx2GV+Phj

Entry address:
0x3DCA

Entry point:
55, 8B, EC, 6A, FF, 68, 38, 59, 40, 00, 68, 50, 3F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, E0, 52, 40, 00, 59, 83, 0D, EC, 74, 40, 00, FF, 83, 0D, F0, 74, 40, 00, FF, FF, 15, D8, 52, 40, 00, 8B, 0D, D8, 74, 40, 00, 89, 08, FF, 15, D4, 52, 40, 00, 8B, 0D, D4, 74, 40, 00, 89, 08, A1, D0, 52, 40, 00, 8B, 00, A3, E8, 74, 40, 00, E8, 16, 01, 00, 00, 39, 1D, 00, 74, 40, 00, 75, 0C, 68, 4C, 3F, 40, 00, FF, 15, CC, 52...
 
[+]

Entropy:
7.9540

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
16 KB (16,384 bytes)

The file powerdirector_3420_gm7_le_le_vde151231-02.exe has been seen being distributed by the following URL.

https://sharewareonsale.com/?download_file=1236721&order=wc_order_569e4c298beb1&email=socialsharesharewareonsale@sharewareonsale.com&key=866427d1951f9abdd39b6c52ef959e1d

Scan powerdirector_3420_gm7_le_le_vde151231-02.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.