vectorious_diwali_vectors_set,_30xeps_downloader.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dll513.filedatabase.biz.
MD5:
4316d5e3f4bc827b9fd5c2d1c4d70648

SHA-1:
ee59ddb543f1db11b7197a9b0c553f1b4922ecfd

SHA-256:
c4649c506009b238642ed817b4754e2c4053555195bd420ba65b6770f2d8f8cb

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/29/2024 4:54:13 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Heur
2014.0.4189

IKARUS anti.virus
PUA.Expressdownloader
t3scan.1.8.5.0

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.141221

Trend Micro House Call
Suspicious_GEN.F47V1223
7.2.84

File size:
3.1 MB (3,212,402 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\vectorious_diwali_vectors_set,_30xeps_downloader.exe

File PE Metadata
Compilation timestamp:
10/20/2014 8:47:57 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:Y6mnKhD2QKtmHUIgMyWyCfqciBBdiJvqZUzHdffdPiQbT2xIt:Y7cUIgMTfq18rdf1PiI26t

Entry address:
0x40B194

Entry point:
E8, CA, AE, 00, 00, 8D, 84, 8B, 90, 03, 00, 00, 60, E8, 93, 9C, 00, 00, D2, CC, 5A, 14, 60, 16, 4B, 32, F4, 9E, 1C, 92, 16, 94, 1D, B5, F3, A7, B2, 04, A4, 0E, 9A, 1C, 9E, 40, 2A, 78, 39, 7D, 2B, 83, 25, A1, 25, 81, A5, 10, 6C, EF, CE, 6A, 45, 85, E5, C9, C2, EC, C2, F0, 2B, ED, 95, 99, 11, 97, 0F, 96, 50, 07, BE, CE, A8, F8, 00, 50, 3F, CE, 14, 86, 3C, 04, 96, AE, 9C, 90, 26, A0, F6, A0, 62, 28, 67, 81, 15, 6A, 31, 7B, 3D, 7D, A9, 2E, C3, FB, 69, 77, 1F, A5, 49, 49, 7B, 6F, 3B, 76, 54, 72, 20, A6, FC, 8F...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
771.5 KB (790,016 bytes)

The file vectorious_diwali_vectors_set,_30xeps_downloader.exe has been seen being distributed by the following URL.