Hi Steven Winderlich,

The

sample_1.exe&ini=open.ini
makes it suspicious looking enough to qualify as malware.
See: Up(nil): unknown_file_$INSTDIR/GreenDou.exe APNIC CN abuse at gddc dot com dot cn 113.107.56.85 to 113.107.56.85 qiniudn dot com htxp://vvdown.u.qiniudn.com/exe/0.exe?download/av2015-202-12554.exe → http://support.clean-mx.de/clean-mx/viruses?id=17409280
https://www.virustotal.com/en/file/308a13460daa2e6cb624bf91d08391d2e2a457dee57f31f9ebd8d3e77b200fe8/analysis/
Generic Genome Downloader variant, there also missed by avast! 29 out of 47 detect :o

polonus