home

setup_nex_en.exe

NEXTAR TECNOLOGIA DE SOFTWARE LTDA - ME

This is a setup program which is used to install the application. The file has been seen being downloaded from download.nextar.com.
Publisher:
NEXTAR TECNOLOGIA DE SOFTWARE LTDA - ME  (signed and verified)

Version:
5.0.0.321

MD5:
41104f77f1b47487634997d776de6344

SHA-1:
024e02bf10e3ea492d493df3a0b1aec9843a89fb

SHA-256:
649164ea2e8fbfba1d92f3b9a43a4f484d6f7210cb39c328ca37645b58d2796d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:47:30 AM UTC  (today)

File size:
38.1 MB (39,944,608 bytes)

Product version:
5.0.0.321

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\setup_nex_en.exe

Digital Signature
Signed by:
NEXTAR TECNOLOGIA DE SOFTWARE LTDA - ME

Authority:
GoDaddy.com, Inc.

Valid from:
5/5/2015 8:16:38 PM

Valid to:
5/5/2018 8:16:38 PM

Subject:
CN=NEXTAR TECNOLOGIA DE SOFTWARE LTDA - ME, O=NEXTAR TECNOLOGIA DE SOFTWARE LTDA - ME, L=Florianopolis, S=Santa Catarina, C=BR

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00F80ED4DC4BE6DD12

File PE Metadata
Compilation timestamp:
6/1/2016 4:50:45 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:+ZyRRuYNxF9dRBcwseECkq0zZbf4M2LkyFV+9JDoHnB6I/:UyRRuYNxXrVu00zp4vLlPuJDw/

Entry address:
0x605EDC

Entry point:
55, 8B, EC, 83, C4, E0, 53, 56, 33, C0, 89, 45, E0, 89, 45, E4, 89, 45, EC, B8, 78, 10, 9E, 00, E8, AF, A2, A0, FF, 8B, 35, E8, B8, A1, 00, 33, C0, 55, 68, 19, 60, A0, 00, 64, FF, 30, 64, 89, 20, 8B, 06, E8, 08, F7, C2, FF, 8B, 06, B2, 01, E8, 47, 14, C3, FF, 8B, 06, BA, 34, 60, A0, 00, E8, 23, F1, C2, FF, 8D, 55, EC, B8, 01, 00, 00, 00, E8, AA, 0F, A0, FF, 8B, 5D, EC, B8, 7C, 60, A0, 00, 3B, C3, 75, 04, B0, 01, EB, 26, B8, 7C, 60, A0, 00, 85, C0, 74, 04, 85, DB, 75, 04, 33, C0, EB, 15, 89, 5D, E8, 8B, 55...
 
[+]

Entropy:
7.8922

Developed / compiled with:
Microsoft Visual C++

Code size:
6 MB (6,309,376 bytes)

The file setup_nex_en.exe has been seen being distributed by the following URL.

http://download.nextar.com/.../setup_nex_en.exe

Scan setup_nex_en.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.