rawview.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.
MD5:
cc61cbf6b0e5ec8674493eca4da6d407

SHA-1:
cea889cb44315611ebb817e64ad9ec9bc489ff34

SHA-256:
b48d2e9338b96dd9a5511090bcbd14ec3c6095445716a9cf76183d7d797ece4b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 10:00:34 AM UTC  (today)

File size:
895.5 KB (917,004 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\rawview.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:cVAG7srwvvT629Qz+m2tABi2okYw/LImtI/nQP5eT:cVAGA6vTOz+bABVopeDCnA+

Entry address:
0xBF98

Entry point:
55, 8B, EC, 83, C4, B8, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, BC, 89, 45, B8, E8, B3, 70, FF, FF, E8, 1A, 85, FF, FF, E8, 25, A7, FF, FF, E8, 6C, A7, FF, FF, E8, 5B, A8, FF, FF, E8, E6, FA, FF, FF, BE, 24, FF, 40, 00, 33, C0, 55, 68, C8, C5, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 58, C5, 40, 00, 64, FF, 32, 64, 89, 22, 8D, 55, F0, 33, C0, E8, 87, F2, FF, FF, 8B, 55, F0, B8, 88, FC, 40, 00, E8, 6E, 71, FF, FF, 8B, 15, 88, FC, 40, 00, B8, 8C, FC, 40, 00, E8, 43, 7B, FF, FF, C6, 05, 33, F0, 40, 00...
 
[+]

Entropy:
7.9732

Developed / compiled with:
Microsoft Visual C++

Code size:
46 KB (47,104 bytes)

The file rawview.exe has been seen being distributed by the following 24 URLs.

http://lb.cdn.m6web.fr/d/c/a/1bc102d3abd5f84b02b99f6d3de5b2f8/580bb7a7/longtail/0066/.../rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1482734663&Signature=MgVK4wEzjhdsiQYVg5hgfdU4SacQUn-O8nJFddXYlGzxjwsAIVm4JzAaRuX1bOa8MmE1nuxP6z7Nd91We2-SBaIJzSryDAfwUBQNmim1iyGJZiycYdr8R5ocya2dOXfAi7dqa1FWaPy0DHxOsQZA0P1aczS28jRj9njnipMol9o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1440398286&Signature=LekFj2YoQQijNoSlbu9M2LBmDjA1tD281Vk9MvNaoldLivJp0iomcrrsPW-3uTX9fuSna05kqJYd8wFHrZddQrpcO8hx7D5bplp6UpIVJbamZWP4nAE~-jWfaEwjjoCe4hhUFBMdBicrhJ2jgLvcLRQzyUzPF-0M~R93~HCSQDE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1466972845&Signature=d~awVjxlxZ3hQQcMWyiNSCMG2QrVHKhfjW1~9gdiBxPQdhkH44SYFYE1rkJxMMkF7pk-OoJ-s9-SfEKj5lRnVzGtXTmifcq0fpZCa0Rq6uTiohhjMBPPp8VHteo4-DBc-pj0y-3wzbW-oh8kQFuVIWCuXkWZKzeEl9G9Sp4WHnc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1479296793&Signature=OshzoC-7V6ljGMNzcKzRt7UmU0HPjFhOJx9ca-0cJTj9U5mrYD5V~n51UHxJGF~8SWWemovgf03asGH5istfH3Jeo9hmlfdVPJAlguVkE1lVExCSY18XBOHjI99KEP-ThYlx8XmuikXhYFwXFy7P1oAAYvhQSAOVIEJpZEj5I4o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1460848428&Signature=V~Xk1BnUXQIFEGKFwpa9wnoIBZDqwCDa9pEojq5TzMsFu8mPY2Bok2Q8jsuaJOh9h7T0SRqarv0oSa7p5pWc8AyVmqpO60mnWngTU2cxn7OXF9VvKpLvNvzzl5OyABSpIOulW4g~r~swilf1C-nhfLv-Lihy0LZhU1MFzyq68Ms_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://lb.cdn.m6web.fr/d/c/a/7725c2575621f2e25897cf9a698187aa/5828c463/longtail/0066/.../rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1470082519&Signature=QibX-oyvMisdTflNQQXzmiWQurskVQktg14xUmcFv7AbELpY~P2TkkUVXbkpqmEXv6H-TXBswWp7tJZ9OVW4soEWklJhOCukLImR590QsZ609sFL8ugXXWiT-NTjOHOZt84IIltgEEeROuBNkjUXWs~YVlPTUlJ~Gn6VGsGTAIE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1463394160&Signature=hJYMH7VDwkazai7GoS45BUwlifMYAqicXkHdvMZA3aNSwrM7d4betsWO9pNkS3JSfU3u9bmvzbmw4img90gW8p76G0w4j2r55hdDNFY1w34diq13h8JufV941bFLHIQWmbGi9t1Jfu9ggHOaB2NcobCfekNWeZ2EAg-mqHKbg4o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

http://files.downloadnow.com/s/software/10/54/06/.../rawview.exe

http://gsf-cf.softonic.com/cea/889/.../file?SD_used=0&channel=WEB&fdh=no&id_file=52537&instance=softonic_en&type=PROGRAM&Expires=1459742884&Signature=JIJAtlqJjVIfstaMc-K5i6tnywzrlXJq2LvL0V2I-sCV4sJP3XqJ3QTM0czKAuT1rGDWVMnaQ81KTz13PrS1LACRyrno95f-6L-3xe4kGyxU7Ny4Xyy7j9msY~yALVUl-dZSApa1Rux-RFmG8HKKxEH9rOZDO4y4kjKSn-En8F4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rawview.exe

Scan rawview.exe - Powered by Reason Core Security