home

setup_nexcafe.exe

NexCafé

Nextar Software

This is a setup program which is used to install the application. The file has been seen being downloaded from baixar.nexcafe.com.br and multiple other hosts.
Publisher:
Nextar Software

Product:
NexCafé

Version:
5.0.0.210

MD5:
d464d0220d5030db8b27e3ee6262ef8a

SHA-1:
944c59dc2ea3089f13d4a6b6352e7675c35d4398

SHA-256:
e5fa23d825f8dc166a1310e2354e135866b0cbd86d4e55c2a49d9ff9c17900ef

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/15/2025 9:26:17 AM UTC  (today)

File size:
34.2 MB (35,897,856 bytes)

Product version:
5.0

Original file name:
setup_nexcafe.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setup_nexcafe.exe

File PE Metadata
Compilation timestamp:
4/2/2015 2:35:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:x8xvPZyDc2LlLrpiGDcXMIjpBuGp1+7soAzAl7zEH1yfB7hEUbe+DRYZ:exv0XL1rpiyybr27so4K8cfP/eAY

Entry address:
0x2CAA84

Entry point:
55, 8B, EC, 83, C4, F0, B8, A8, 68, 6C, 00, E8, 74, D1, D3, FF, A1, 48, 76, 6D, 00, 8B, 00, E8, 5C, 4B, E1, FF, A1, 48, 76, 6D, 00, 8B, 00, B2, 01, E8, 36, 6A, E1, FF, A1, 48, 76, 6D, 00, 8B, 00, BA, F0, AA, 6C, 00, E8, F5, 45, E1, FF, 8B, 0D, 28, 7A, 6D, 00, A1, 48, 76, 6D, 00, 8B, 00, 8B, 15, 9C, 4D, 6C, 00, E8, 3D, 4B, E1, FF, A1, 48, 76, 6D, 00, 8B, 00, E8, 69, 4C, E1, FF, E8, A4, A7, D3, FF, FF, FF, FF, FF, 20, 00, 00, 00, 4E, 65, 78, 43, 61, 66, E9, 20, 2D, 20, 50, 72, 6F, 67, 72, 61, 6D, 61, 20, 64...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
2.8 MB (2,919,936 bytes)

The file setup_nexcafe.exe has been seen being distributed by the following 4 URLs.

http://baixar.nexcafe.com.br/.../setup_nexcafe.exe

http://www.ranchsendgift.com/Jy0KrX1gjViTeoXpwZQLYX1wL6pxN NCpo3I3qa4wfiC_klhyf07rnGFTAo2sb5il3rFfrHhYdQM8gTWf6TaGa4Kt63HpzPVMy7igcDeltbAdReMfdnGudQ9mLmrvUvHnFGfNmlrkQ0avW40t9fqSOkw0ZFFiIulhz0 DkY3LEkx8QhQzhXxH3C 7hC9zrrgYon0k4kihN52qc4fdv fVbtMdwuT_eSTTjYlM3TuHFpW8AqStRhPCDvM_lqOZ197RBuuKPb sak4zDWqfg1M86J5jiWunBegQurfJBRK8igt3M1kgmXCnA8OSrB4 cQhJ36OflwloBxoHZjlPpVdFRWTisz1sW0mYkNlDMXfwbGy64erIFnaMbgOHIgVtPT9FfCL5pPRpjCiCyGSZhLjiCyUvAUwaGn33FIEjs_QBWrvZUtQiW1oVgMLLKa8nQbVyNAp0GLNyQBZCVi4VqmbM2liZczL3tDkScAHcq4lHrag0foEIyTIqUuTWxHLOzU_yBCDOzyzJ3SOnKXcE6wgm6fqFeLlwPntBOckmdd1JuteEKPV Q=-GyQAAMQph1bI1ToeTu9CDCFlF41p4IkaCxq2H02fhuCjCw==-e

http://www.ranchsendgift.com/f0wi7EtMoMJ5N7wvPDFsNwbu1G8w3V1C_iL6X90L_93JbW971j40YD2qu18Pl_lZUk2MPokch MtdUW3z5Yk7bsDZRRf6y7uVcQniBBNttu_mLYt4m8FYw_tfoGSrGJZLfRYMjSPtMTUx4UmUTiJNUl9__a7W lATexAKx2Zj6HStmvKA6qJUHqAbrVVBnY84beQYo4onxjuxfhPv2j4N0zGI4sRgQ==-GyQAAMQph1bI1ToeTu9CDCFlF41p4IkaCxq2H02fhuCjCw==

http://download.nexcafe.com.br/latest

Scan setup_nexcafe.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.