setupdownloader.exe

Bitdefender SRL

This is a setup program which is used to install the application. The file has been seen being downloaded from cloud.gravityzone.bitdefender.com and multiple other hosts.
Publisher:
Bitdefender SRL  (signed and verified)

MD5:
fc0f562ab414c845050ef6ed74facdce

SHA-1:
5f1b3418426aac91e05f857e715ac10d6c16a848

SHA-256:
f79bbad8b13256bf8f23afb1c4dce429733e451fea3172eb008fca316bde1843

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 10:47:08 AM UTC

File size:
3.3 MB (3,414,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\bitdefender\bitdefender update server\var\www\downloadablekits\11_6.2.9.751\setupdownloader.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/9/2015 2:00:00 AM

Valid to:
3/10/2019 1:59:59 AM

Subject:
CN=Bitdefender SRL, OU=PD, O=Bitdefender SRL, L=Bucharest, S=Romania, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3DB29A3651F3F5E49CE079D283957630

File PE Metadata
Compilation timestamp:
2/3/2016 9:38:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:7YIxq9C6XIbnqw8b6oIird+UhA+dyPrLy/HWIoCeAEFbwY0GIvICTv:7txq99XHw8WoIiH8rLy/FoCU0GKzv

Entry address:
0x11CBC

Entry point:
E8, 87, 66, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
Entropy:
7.9621  (probably packed)

Code size:
115 KB (117,760 bytes)

The file setupdownloader.exe has been seen being distributed by the following 16 URLs.
