home

sdfa6f8.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from d21m4u3yvwhf8i.cloudfront.net.
MD5:
85bbb0e53527f1271fda0afa2b111e09

SHA-1:
7fe715b4f0c32148668eeb9c1cb87e0e8783145f

SHA-256:
403fae9252cf5800a9c9920b7d3b097084a10d8d3dce6ca52d502121c1f35500

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 7:08:53 AM UTC  (today)

File size:
313.5 KB (321,024 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\sdfa6f8.exe

File PE Metadata
Compilation timestamp:
6/6/2016 1:37:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:d1TFZT8qbTR7SquD4L8vi6H/X8i9DLnHWcefjVo8bS5VJwQ:ZZwgVxGq866H/MKvnolgJN

Entry address:
0x4F36E

Entry point:
65, 61, 74, 65, 53, 75, 62, 4B, 65, 79, 00, 57, 72, 69, 74, 65, 53, 75, 63, 63, 65, 73, 73, 52, 65, 67, 00, 73, 65, 74, 5F, 45, 78, 69, 74, 43, 6F, 64, 65, 00, 44, 6F, 77, 6E, 6C, 6F, 61, 64, 41, 64, 76, 65, 72, 74, 69, 73, 65, 72, 41, 6E, 64, 49, 6E, 73, 74, 61, 6C, 6C, 00, 46, 69, 6C, 65, 49, 6E, 66, 6F, 00, 53, 79, 73, 74, 65, 6D, 2E, 49, 4F, 00, 44, 69, 72, 65, 63, 74, 6F, 72, 79, 49, 6E, 66, 6F, 00, 46, 69, 6C, 65, 53, 79, 73, 74, 65, 6D, 49, 6E, 66, 6F, 00, 67, 65, 74, 5F, 45, 78, 69, 73, 74, 73, 00...
 
[+]

Code size:
309 KB (316,416 bytes)

The file sdfa6f8.exe has been seen being distributed by the following URL.

http://d21m4u3yvwhf8i.cloudfront.net/SilentInstaller_dotnet4.exe

Scan sdfa6f8.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.