powerdirector_3420_gm7_le_le_vde151231-02.exe

FnPackage Application

CyberLink Corp.

Publisher:
CyberLink Corp.  (signed and verified)

Product:
FnPackage Application

Description:
CyberLink Extractor Utility

Version:
1.00.0505

MD5:
92f9f7492ecd9b05843d3e76af72a9d4

SHA-1:
dcd60e40ff0ccad546a3f093e7fa516e25ed6992

SHA-256:
693914c5c98fb8c43312110adb0109d4d0031000fe55deb8fff51119c9520bbf

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 11:22:14 AM UTC  (today)

File size:
750.5 MB (786,919,272 bytes)

Product version:
1.00.0505

Copyright:
Copyright (C) 2008

Original file name:
FnPackage.EXE

Language:
English (United States)

Common path:
C:\users\{user}\downloads\powerdirector_3420_gm7_le_le_vde151231-02.exe.part

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
3/5/2015 12:00:00 AM

Valid to:
5/4/2018 12:59:59 AM

Subject:
CN=CyberLink Corp., O=CyberLink Corp., L=New Taipei City, S=Taiwan, C=TW

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
2CD2C5777BFC596CE3F6EBFDFB9B9469

File PE Metadata
Compilation timestamp:
5/5/2008 8:14:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12582912:e1MhX6Es0Tlt++5FdM0U3VBMdm9Re4TNwTGiLkhTJD3opEnx2GV+T9NhzpsGuEie:rh6ELhtldhOada046DLkhpMkx2GV+PhJ

Entry address:
0x3DCA

Entry point:
55, 8B, EC, 6A, FF, 68, 38, 59, 40, 00, 68, 50, 3F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, E0, 52, 40, 00, 59, 83, 0D, EC, 74, 40, 00, FF, 83, 0D, F0, 74, 40, 00, FF, FF, 15, D8, 52, 40, 00, 8B, 0D, D8, 74, 40, 00, 89, 08, FF, 15, D4, 52, 40, 00, 8B, 0D, D4, 74, 40, 00, 89, 08, A1, D0, 52, 40, 00, 8B, 00, A3, E8, 74, 40, 00, E8, 16, 01, 00, 00, 39, 1D, 00, 74, 40, 00, 75, 0C, 68, 4C, 3F, 40, 00, FF, 15, CC, 52...
 
[+]

Entropy:
7.9536

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
16 KB (16,384 bytes)

The file powerdirector_3420_gm7_le_le_vde151231-02.exe has been seen being distributed by the following 10 URLs.

https://www.dropbox.com/s/.../PowerDirect13.exe

https://sharewareonsale.com/?download_file=1236721&order=wc_order_56a22e91c25e4&email=sam@asonline.com.tw&key=866427d1951f9abdd39b6c52ef959e1d

https://sharewareonsale.com/?download_file=1236721&order=wc_order_569eead1aa656&email=meotherlife@gmail.com&key=866427d1951f9abdd39b6c52ef959e1d

https://doc-14-30-docs.googleusercontent.com/docs/securesc/red32ukarlu9b8q5d1g1roubmv6m57be/5cl1kofakopi039v5an85s44p0av6egv/1473811200000/.../03879967987203174358/0B0msose5B6iGdGNpQThySUctYjQ?e=download

https://sharewareonsale.com/?download_file=1236721&order=wc_order_569d21f35a507&email=dettike9150@gmail.com&key=866427d1951f9abdd39b6c52ef959e1d