» thunder_dl_7.9.43.5054.exe
Overview
Analysis
File Details
Downloads (65)

thunder_dl_7.9.43.5054.exe

迅雷7

ShenZhen Thunder Networking Technologies Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from down.tech.sina.com.cn and multiple other hosts.

File name:

Publisher:

深圳市迅雷网络技术有限公司 (signed by ShenZhen Thunder Networking Technologies Ltd.)

Product:

迅雷7

Description:

迅雷7安装程序

Version:

7,9,43,5054

MD5:

619561c7fac0dafd5c1aa2007b9c47ee

SHA-1:

31b5ffe21ddb55a0a1d5f9bfb27f16f1838e2781

SHA-256:

0415fa532a5f54e287a147645702b771631977c40aa1ef5cd678368eaa2e5ecb

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/2/2024 3:39:38 PM UTC (today)

File size:

32.2 MB (33,800,048 bytes)

Product version:

7.9.43.5054

Trademarks:

迅雷

Original file name:

ThunderInstall

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\thunder_dl_7.9.43.5054.exe

Digital Signature

Signed by:

ShenZhen Thunder Networking Technologies Ltd.

Authority:

VeriSign, Inc.

Valid from:

6/16/2015 8:00:00 AM

Valid to:

7/26/2018 7:59:59 AM

Subject:

CN=ShenZhen Thunder Networking Technologies Ltd., OU=Operate, O=ShenZhen Thunder Networking Technologies Ltd., L=Shenzhen, S=Guangdong, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

22924899CDFCA0AB28CF2F91C8F2248B

File PE Metadata

Compilation timestamp:

11/11/2015 3:39:29 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

786432:/o4S0YROTpFXcqtlcHCS+1fqTxWpjs5ZP618AIAinrOFnSAc:zSRREvX/ccfqTxn6S5FGnS7

Entry address:

0x8D420

Entry point:

E8, BB, 1D, 01, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, 6A, 20, 01, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B, EC, 5D, E9, DF, FF, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 0C, 75, 1D, E8, 3A, 36, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, B1, B2, FF, FF, 83, C4, 14, 83, C8, FF, EB, 69, 8B, 45, 08, 3B, C3, 74, DC, 56, FF, 75, 14, 89, 45, E8, FF, 75, 10, 89, 45, E0, FF, 75, 0C, 8D, 45, E0, 50, C7, 45, EC, 42, 00, 00, 00, C7, 45, E4, FF, FF, FF... 
[+]

Entropy:

7.9958 (probably packed)

Code size:

726.5 KB (743,936 bytes)

The file thunder_dl_7.9.43.5054.exe has been seen being distributed by the following 50 URLs.

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=60.54.68.18

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=43.252.46.2

http://down.sandai.net/.../Thunder7.9.43.5054Preview.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=118.100.178.212

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=3&ip=10.81.11.168

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=36.85.137.231

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=219.92.175.153

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=210.242.214.28

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=14.192.215.142

http://cdn1.mydown.yesky.com/5702867b/707be3b4d9e2872c1b2c0361f1ff9590/soft/.../Thunder_dl_7.9.43.5054.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=121.121.62.209

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=3&ip=210.242.214.19

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=3&ip=192.228.181.39

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=121.121.98.207

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=175.140.79.33

http://cdn1.mydown.yesky.com/5724bdbd/28de83e92561428113d644afc85daad4/soft/.../Thunder_dl_7.9.43.5054.exe

http://58.27.38.6/cdn1.mydown.yesky.com/5748f596/53675d86a49eb97f2c71cdefa65c242a/soft/.../Thunder_dl_7.9.43.5054.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=175.139.73.139

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=3&ip=175.136.131.37

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=175.136.138.169

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=123.100.149.8

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=10.81.11.168

http://softdl.360tpcdn.com/.../Thunder_7.9.43.5054.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=81.71.202.15

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=124.13.250.46

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=69.124.53.55

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=210.187.194.128

http://cdn1.mydown.yesky.com/5749a7c7/a8ecef766e80974ded1cdb9683e834c3/soft/.../Thunder_dl_7.9.43.5054.exe

http://down.tech.sina.com.cn/.../d_load.php?d_id=2612&down_id=4&ip=60.48.64.183

Latest 30 of 65 download URLs

Scan thunder_dl_7.9.43.5054.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.