home

setupdownloader.exe

Bitdefender SRL

This is a setup program which is used to install the application. The file has been seen being downloaded from cloud.gravityzone.bitdefender.com and multiple other hosts.
Publisher:
Bitdefender SRL  (signed and verified)

MD5:
ee77a888a614b415628c5b711dc62a83

SHA-1:
708fe9c6e0110e435238f8e626248aeab64eb57c

SHA-256:
e475d11d1193c3a9f9f45f7e3afcc354ced913f694ef42a665b94ff134591d0e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 4:30:24 AM UTC  (today)

File size:
3.3 MB (3,414,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\temp\bitdefender1465590134\setupdownloader.exe

Digital Signature
Signed by:
Bitdefender SRL

Authority:
VeriSign, Inc.

Valid from:
12/8/2015 9:00:00 PM

Valid to:
3/9/2019 8:59:59 PM

Subject:
CN=Bitdefender SRL, OU=PD, O=Bitdefender SRL, L=Bucharest, S=Romania, C=RO

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3DB29A3651F3F5E49CE079D283957630

File PE Metadata
Compilation timestamp:
2/3/2016 4:38:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:2YIxq9C6XIbnqw8b6oIird+UhA+dyPrLy/HWxSXuxeAEFbwY0GIvICT/:2txq99XHw8WoIiH8rLy/OU0GKz/

Entry address:
0x11CBC

Entry point:
E8, 87, 66, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, 83, EC, 04, 89, 7D, FC, 8B, 7D, 08, 8B, 4D, 0C, C1, E9, 07, 66, 0F, EF, C0, EB, 08, 8D, A4, 24, 00, 00, 00, 00, 90, 66, 0F, 7F, 07, 66, 0F, 7F, 47, 10, 66, 0F, 7F, 47, 20, 66, 0F, 7F, 47, 30, 66, 0F, 7F, 47, 40, 66, 0F, 7F, 47, 50, 66, 0F, 7F, 47, 60, 66, 0F, 7F, 47, 70, 8D, BF, 80, 00, 00, 00, 49, 75, D0, 8B, 7D, FC, 8B, E5, 5D, C3, 55, 8B, EC, 83, EC, 10, 89, 7D, FC, 8B, 45, 08, 99, 8B, F8, 33, FA, 2B, FA, 83, E7, 0F, 33, FA, 2B, FA, 85, FF, 75, 3C, 8B...
 
[+]

Code size:
115 KB (117,760 bytes)

The file setupdownloader.exe has been seen being distributed by the following 22 URLs.

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9hOTFhYjYvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoiNXpxUUJ5TmtNMnNoNTdaRGpVcUZtY3hSa21FIiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjSE02THk5amJHOTFaQzFsWTNNdVozSmhkbWwwZVhwdmJtVXVZbWwwWkdWbVpXNWtaWEl1WTI5dE9qUTBNeTlRWVdOcllXZGxjeTlDVTFSWFNVNHZNQzlDU0dVdFduY3ZhVzV6ZEdGc2JHVnlMbmh0YkQ5c1lXNW5QV1Z6TFVWVF0uZXhlXCIsXCJpZFwiOlwiZmE1MjhkYzMyM2EwNGIzZGI0MDZjYTA1YTlkNWViMTVcIixcInVybF9pZHNcIjpbXCJlYzQzNWExYWU0YzE4MWI3NGNkZTY1ZmU5ZjA5NDA1MWM5ODYyOGNlXCJdfSJ9

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9DWldPOXcvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloudgz.gravityzone.bitdefender.com//Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZGd6LWVjcy5ncmF2aXR5em9uZS5iaXRkZWZlbmRlci5jb206NDQzL1BhY2thZ2VzL0JTVFdJTi8wL0c4QXlJdS9pbnN0YWxsZXIueG1sP2xhbmc9ZnItRlI=].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9pYWplcVMvaW5zdGFsbGVyLnhtbD9sYW5nPWVzLUVT].exe

https://cloudgz.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZGd6LWVjcy5ncmF2aXR5em9uZS5iaXRkZWZlbmRlci5jb206NDQzL1BhY2thZ2VzL0JTVFdJTi8wL0NPcjRSVC9pbnN0YWxsZXIueG1sP2xhbmc9ZW4tVVM=].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC85dWZjREEvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9pUE01ODUvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC81Nlk4RlIvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC80VmxzaVQvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9GSXlNRVQvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9QUFJRN2cvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9uLVo5Qi0vaW5zdGFsbGVyLnhtbD9sYW5nPWVzLUVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9WOG1PZ1IvaW5zdGFsbGVyLnhtbD9sYW5nPWVzLUVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC80NXV0cmkvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoiWUVIQnZkYkpPb3FuSVZ4Umx2M1hhS0ZiVjhzIiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjSE02THk5amJHOTFaQzFsWTNNdVozSmhkbWwwZVhwdmJtVXVZbWwwWkdWbVpXNWtaWEl1WTI5dE9qUTBNeTlRWVdOcllXZGxjeTlDVTFSWFNVNHZNQzlxYTFCaFkyRXZhVzV6ZEdGc2JHVnlMbmh0YkQ5c1lXNW5QV1Z1TFZWVF0uZXhlXCIsXCJpZFwiOlwiMmFjZDM2YzAwMDU5NDQ1MDlkZWRhYjdlZjRhY2ZjMGJcIixcInVybF9pZHNcIjpbXCJlYzQzNWExYWU0YzE4MWI3NGNkZTY1ZmU5ZjA5NDA1MWM5ODYyOGNlXCJdfSJ9

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoicFgwcXh3S1RBUVJldTdqWk9fWC1oRXBxSGRrIiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjSE02THk5amJHOTFaQzFsWTNNdVozSmhkbWwwZVhwdmJtVXVZbWwwWkdWbVpXNWtaWEl1WTI5dE9qUTBNeTlRWVdOcllXZGxjeTlDVTFSWFNVNHZNQzlZTmxWT2NFTXZhVzV6ZEdGc2JHVnlMbmh0YkQ5c1lXNW5QV1Z6TFVWVF0uZXhlXCIsXCJpZFwiOlwiYTg0NjVlY2YyODFjNGU2MGIyMzQ2MmVhOTMxNGZhNWJcIixcInVybF9pZHNcIjpbXCJlYzQzNWExYWU0YzE4MWI3NGNkZTY1ZmU5ZjA5NDA1MWM5ODYyOGNlXCJdfSJ9

http://emc.services.bitdefender.com/track/click/.../cloud.gravityzone.bitdefender.com?p=eyJzIjoiZkNycEVOM0oxaW9VVXg4QjNmd2M5NEVSbktzIiwidiI6MSwicCI6IntcInVcIjozMDUyMDcyOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Nsb3VkLmdyYXZpdHl6b25lLmJpdGRlZmVuZGVyLmNvbVxcXC9QYWNrYWdlc1xcXC9CU1RXSU5cXFwvMFxcXC9zZXR1cGRvd25sb2FkZXJfW2FIUjBjRG92THpFd0xqTXdMak13TGpVM09qY3dOelF2VUdGamEyRm5aWE12UWxOVVYwbE9MekF2WTAxdlRXZFZMMmx1YzNSaGJHeGxjaTU0Yld3LWJHRnVaejFsYmkxVlV3PT1dLmV4ZVwiLFwiaWRcIjpcIjE0NzA1M2RlNjZhMjQwMjk5ZjA5ZjRiNGNlODU2ODIyXCIsXCJ1cmxfaWRzXCI6W1wiZWM0MzVhMWFlNGMxODFiNzRjZGU2NWZlOWYwOTQwNTFjOTg2MjhjZVwiXX0ifQ

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9PZHNJdWovaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC90ZmpBSDMvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9Ody1tT0MvaW5zdGFsbGVyLnhtbD9sYW5nPWVuLVVT].exe

https://cloud.gravityzone.bitdefender.com/Packages/BSTWIN/.../setupdownloader_[aHR0cHM6Ly9jbG91ZC1lY3MuZ3Jhdml0eXpvbmUuYml0ZGVmZW5kZXIuY29tOjQ0My9QYWNrYWdlcy9CU1RXSU4vMC9laFEtdUovaW5zdGFsbGVyLnhtbD9sYW5nPWRlLURF].exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.