home

riffsetup.exe

This is a setup and installation application. The file has been seen being downloaded from download1485.mediafire.com.
MD5:
217c2f3e21b440e9172321f56c7b90fa

SHA-1:
1eb567ac2c551010628b9ef119600578601282dd

SHA-256:
0377f36901bdb63d12943e0d8150153231e10ba94e94819aa045ce7f059f47e6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:55:06 AM UTC  (today)

File size:
8.5 MB (8,866,783 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\riffsetup.exe

File PE Metadata
Compilation timestamp:
11/3/2012 10:00:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.50

CTPH (ssdeep):
196608:lcH6O7OWqLrF29Hk2U+nXsVSCOX4EkLk0V2GvAe10w:lcAJXssVHOBkLf2xw0w

Entry address:
0x1000

Entry point:
1C, DB, 4F, 81, D8, 07, E3, 21, DF, 8A, C3, B0, 42, 31, C7, 0F, BE, CB, 0F, AF, C0, 0F, B7, DD, 0F, B6, FC, 6A, 00, 58, BE, C7, 08, 20, FB, 81, C6, 84, D5, BB, B7, 2D, 58, 84, F4, FF, 0F, AF, D9, F6, C0, 31, 81, C2, A0, D0, 41, 81, 35, EA, 0F, 0B, 00, 85, F8, 77, 03, 46, 19, DF, 8B, C8, 69, F2, 5A, 76, 8C, 39, 81, C1, 54, 02, 00, 00, C7, C2, CD, B2, 31, 25, 33, C3, 2B, E9, 88, C2, 0C, C6, C7, C5, F9, D3, F8, 78, F2, 89, D7, 68, BB, C4, 10, 00, 50, 80, D3, BF, F2, C6, C5, E2, E8, 76, 00, 00, 00, 6B, DB, 00...
 
[+]

Entropy:
7.9844  (probably packed)

Code size:
194 KB (198,656 bytes)

The file riffsetup.exe has been seen being distributed by the following URL.

http://download1485.mediafire.com/mb28dd1fiutg/.../RiffSetup.exe

Scan riffsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.