» xampp-win32-7.0.6-0-vc14-installer.exe
Overview
Analysis
File Details
Downloads (25)

xampp-win32-7.0.6-0-vc14-installer.exe

XAMPP

BitRock Inc

This is a self-extracting archive and installer. The file has been seen being downloaded from filehippo.com and multiple other hosts.

File name:

Publisher:

Bitnami (signed by BitRock Inc)

Product:

XAMPP

Version:

1.0.0.0

MD5:

cdc717852094946d8c3f2e28ff0cfa63

SHA-1:

1c68c912940f2e59eb4ed9b5e449b8f9b3835e13

SHA-256:

34d4a3e62c0961be06e2e48353bbfe1956990060f70b1724ecbe542faad91adc

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 2:33:51 PM UTC (today)

File size:

118.7 MB (124,491,304 bytes)

Product version:

7.0.6-0

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\xampp-win32-7.0.6-0-vc14-installer.exe

Digital Signature

Signed by:

BitRock Inc

Authority:

COMODO CA Limited

Valid from:

7/26/2015 5:00:00 PM

Valid to:

7/26/2020 4:59:59 PM

Subject:

CN=BitRock Inc, O=BitRock Inc, STREET=650 Mission St, STREET=2nd Floor, L=San Francisco, S=CALIFORNIA, PostalCode=94105, C=US

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2AF02952B60941A4429FE026D6CF810D

File PE Metadata

Compilation timestamp:

4/19/2016 4:41:58 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

1572864:AGlFkNv/OLq58JHrlTdu3nuaxWYf7fa3/epi+LYGR4KgRRQIDBnXE9Dfhk:32vs28JhTkuyT7f2WMuRgRRQIFnyhk

Entry address:

0x12A0

Entry point:

83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 00, 1E, 68, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, 5C, 1E, 68, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, 24, 1E, 68, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, 90, 5E, 00, E8, 2E, CC, 1C, 00, 52, 85, C0, 74, 65, C7, 44, 24, 04, 13, 90, 5E, 00, 89, 04, 24, E8, 21, CC, 1C, 00, 83, EC, 08, 85, C0, 74, 11, C7, 44, 24, 04, 08, E0, 67, 00, C7, 04, 24, B8, C0, 62, 00, FF, D0, 8B... 
[+]

Entropy:

7.9968 (probably packed)

Code size:

1.8 MB (1,911,808 bytes)

The file xampp-win32-7.0.6-0-vc14-installer.exe has been seen being distributed by the following 25 URLs.

http://filehippo.com/download/file/.../

https://www.google.com/url?hl=en&q=https://www.apachefriends.org/xampp-files/.../xampp-win32-7.0.6-0-VC14-installer.exe&source=gmail&ust=1466082045824000&usg=AFQjCNEpij244yiQkSl-MfHZVWNPfpAWWA

http://filehippo.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://filehippo.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://filehippo.com/download/file/.../

https://downloadsapachefriends.global.ssl.fastly.net/xampp-files/.../xampp-win32-7.0.6-0-VC14-installer.exe

http://filehippo.com/download/file/.../

http://www.filehorse.com/download/file/.../

https://www.apachefriends.org/xampp-files/.../xampp-win32-7.0.6-0-VC14-installer.exe

Scan xampp-win32-7.0.6-0-vc14-installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.