292237_setup.exe

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
091032dc5d5a67a626e1435a6d1e8427

SHA-1:
c3853dc80f053d0c7652f66144675c1cdd723754

SHA-256:
b858c7edbac9cac4a78f9eea79a5cc31940b39e39c2929252db56a5a5284f967

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 8:29:16 AM UTC  (today)

File size:
643.3 KB (658,771 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\292237_setup.exe

File PE Metadata
Compilation timestamp:
6/18/2002 8:53:18 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
12288:XOzIYC1uKEaBC8dluQOdVpRWrF3iIeV2HlOzrZAdgUZyALzwgLvMz5aQq:emEKHVkHEF3KoOzrq9ZTdQq

Entry address:
0x1650

Entry point:
81, EC, 0C, 04, 00, 00, 53, 56, 57, 55, 68, 60, 50, 40, 00, 6A, 01, 6A, 00, FF, 15, D8, 80, 40, 00, 8B, F0, FF, 15, D4, 80, 40, 00, 3D, B7, 00, 00, 00, 75, 0F, 56, FF, 15, B8, 80, 40, 00, 6A, 02, FF, 15, A4, 80, 40, 00, 33, DB, E8, F2, FE, FF, FF, 68, 02, 7F, 00, 00, 89, 1D, 94, 74, 40, 00, 53, 89, 1D, 98, 74, 40, 00, FF, 15, E4, 80, 40, 00, 50, FF, 15, E0, 80, 40, 00, 8B, 0D, 00, 50, 40, 00, E8, 68, FF, FF, FF, B9, 40, 0D, 03, 00, 89, 44, 24, 14, E8, 5A, FF, FF, FF, 68, 00, 02, 00, 00, 8B, 2D, D0, 80, 40...
 
[+]

Code size:
8.5 KB (8,704 bytes)

The file 292237_setup.exe has been discovered within the following programs.

MWSnap 3  by Mirek Wojtowicz
Publisher's description - “MWSnap is a small yet powerful Windows program for snapping (capturing) images from selected parts of the screen. Current version is capable of capturing the whole desktop, a highlighted window, an active menu, a control, or a fixed or free rectangular part of the screen.”
www.mirekw.com
25% remove it
www.Toolwiz.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file 292237_setup.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1447410647&Signature=SRkah9TBufwpg5W9vSIpLpNYoLDaRg0jMgzDvV76ZHfmiITK2X4jj1C8ZHJ3Pa3iGREvjMnWlFdiDBDRVLYq8jFQFEaeHMvJl2~64QQ5nT7zQWLpfkNEi0MJnrHnECpAn6HuYmVwS66k9VbWNMtKueawC2wpEzULtaDGjHY8H8I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1421320216&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=fLYFjYD-mkJeb3R05G-PjkKdHf6bqVhmQcKypGiVf4whg2QcUqP1ewv8lQEBRh94w8cBOOxuhTZnoEuPOabnHj~CCPn2HQEfZgxLStPpN2MfXeJ484O4aJuTtbU122igA2l3PDZjXBOuysUTcO3wQsC7NGC3TVIgrgJ4dJVt9uc_&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1481717608&Signature=WYj3WlMih3RWz9P9dfAgDj4ii246KHJA641CyoooBiRFfUQ7Rwms1l-HwGAAcOanBh3h~UhBnLIkV2CiDEBNLq0ygXjhwx0VMG77q1x3G98uefz9pAoHfQnH6iuXolmQXSgiD1fvJ~vyQJ-5XDe-76LBG-nnAVV-bMrbMAZ-fF4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://www.towncurrentuniverse.com/Zt3DlgvWWnzLFv9otD2xSPJ93a63TgO23dGyU61UmOZx8iK1J5d7U7X_cnjFooUXbwBUNE0uam6YN83Ad530m9jG51Apq8iuxM5pXiJ5M4c_eY1gNfphn1X3IK_lOUqLYmPKy4xjWqukbym5L7hqm3reR__83nQaAgHj0M7Fg5eeoXlTMSOO9aSVoVpept36lt5VcSbz-GzUAAMQ2RzH5YbIEk8EoC1dlsDKYyIFTzTuwHTbGzlRwFG saGQ1Ej2Z2xGSXXuuqw6W8QE=

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1475300787&Signature=iZuXvboL6gRvC2O82uhiBMBZD57HgAtRpsSZ0s1OhvjS3qK30CndlxNoKl-2LqM6YQczZDW~e4KZj3LBKZFzrjzZ3MqwZYrRjNbm2FdwPk1sdxh7C2z8vmHYBA~D9oM3Ov76oOufnGhQm89bqhWVPf~U2nU1EwliYonYhYXkhU0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_br&type=PROGRAM&Expires=1486689632&Signature=B5VPXwoPd2P0Z1Kz0z9-hVr3WNMqyzyiEZvnX1afn4a4Z94i8c7D9Tr5OW1EzrsQSHtgotqBMG9wYrZG3oR9hG8nBokXCUdsJXSv3ltczgjs9mgu8DWwoSRuc7ZwbgLqC23-PN3kxTx7VLEPCr9eyDZHA9v9JhMsLqZDfC6p-A0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://www.go4it.ro/.../16105363

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_en&type=PROGRAM&Expires=1476592364&Signature=fN1oAjnlZXoK5uVYbDEGrW7kFFBvCCClnetHZtfkmU2HhJaBkHl~n6RUg20OcP5se3MZfNJHRj6wFHF0Tgp5ENp2nuWZvwRrTwqe9LF~lj9dMCO2n8bADUhxGBxauWGGyOFuxqoQTXgdRfA-gnywFF47Gn-O3Fh5JK-9F-tE9BY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1421413147&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=AvUyegmaGAhk8nhZ6Q4JW~j97byRxZqx-ylQt1thfT6fwwPE9Kmn~Hlibfv7mwjFUVBzjvIjK7tRGamTlRn6ZgaYYj9sX16g97ueVtMqZRogenCJIauSd8X1pT2XdMDLnVjU1sZvgMe0N4PwhtgeElO15Due07LBrZCaDWmFI58_&filename=MWSnap300.exe

http://global-shared-files-lw.softonic.com/c38/53d/.../MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_en&type=PROGRAM&Expires=1442481938&Signature=ApTSlg52~JzORRxrl0--ajv-xNXGi6-zRkxseCQxlsou72gsZowScXLZshvyeW23y7Oon4xobqRjRW2i6bMB~P2MQ8qiUTtiRg3oNUmCcuhH9RQuRF2c8MrKuJTIWEgxZR8B5mBn~TJOyJbFmeG0n6PlRb3Yc7O19R5RhlSQMrw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

https://docs.google.com/uc?id=0B5-ATUdCsLD2dHVBUzVEbUZrZGM&export=download

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_en&type=PROGRAM&Expires=1465542762&Signature=U-OEu-kgyINbdgjXncF2ov6PPk0T8U-AC1ITVxKyx2-tUlVpi0DjS8~vIJf7J1mPkXJZcMzTWp77-kYB011FVDDLJYH-OEAwp8owPxlx-stjMXbrWXNL2-rxSSz4j~OAnGx76eBS54OvnzS0IHh633NSWEB7fnopJb1ew9g2pkk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1439346305&Signature=Oh27EQR6olv6GOuqQc5CmA7Z4wxRteReMGFbb0Jwjio4azVeR1AV0mnV5vJTMp-gq56ZsgdlmFn~TK5po3osxLaSfPDGXmic9CIKeCTtcf6G6OmXivl6D5JBeK509clj5vkt2poNqxNZhSIdk1s3WLGe4YjQcxdilqOxVug9SM4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1425575579&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Fa11o0PPLUPzh4fX4NwXVpeRl72z2Yg6DfcTSrwwToH2E4gTCDpa1TUVuBaW4Nr0BPdkaRQoaiT-wqz7JH~aJJhi97G8eY4jaTEO2atLUpYEuQGVGvvpsHw~PcUC7Gar-3J9xQGU9dJOx1TZAcyNMY590lZkmi2YBLtvWuEoW48_&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1478322447&Signature=aB9kEk7ROuoFFGTVJjb1cfGhMzrh8zI~SNItZlRXTTVpbPHh7u8dNAIz1~j7ueX68V9QIG4TcuYNM~LMbsJ8ZMiql1CCHHjNjcmPoujfzy6x2kmN3AMFjxuQjYozuHOGMVyVAiS9VEckP6EFEjg-PwhULlnP~GK28hANCGXYsOQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1441000133&Signature=WSvvfBJvYRqign9JoIMhfqd3bli14w1h5iVKC7WNY5GOEIgd0n81nKBigHGorf2AuGoFjjOgTx4gi5ONoHgvFuO66EwTawJ5Kp14WEvvD5wAEzqS2y51pBinprvkGvU5ZR~kw-RMDWTPky69cSni2~JSVyPQXejk8qHP2Nuewcc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1475079508&Signature=WWXGzkxX1GcEN410s104GDRncwE2MIKjK9YPOnwnEQ-UUL~kkFeUHr23-zgooIluQCIDYsWUIuLa3HnJgkqkX~06wODkgdNkJeOmaSaEVRkILJVlQSpnM~t8Aq-3WYLs6CnXLKZG4soT3uOBzCMD0fNc~cE7PcYiyuO9ZCrpaxE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_it&type=PROGRAM&Expires=1439846166&Signature=AlfFoCePayn7kOXpdmcbeyt-uRkORtzdO~2GKhjE94-tP05Wk4zIdVs98R4DP2JQccQlpQKRONaUSrHpGhw~Z92sM82hZ1qSDVbiVWvG7Zx6LL9YGuIycqIaxMNeXDX3RXwdmmoM2Ie-4W-7KLSLJplYNMShVonJqa9vWCDlpJg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://www.01net.com/.../telecharger.php?id=18016

https://mwsnap.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOz5 I2b148tYAdChpKA8edNAdYSpjP2PGZfvdCVlaBNdZh0iKlq2cGQAzvHV26OoVZ98Kowf2xZfamAP8lpYEnhBtlOY0pmx/XcAFB2SRGtFE1I2j2/.../I=

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1476518892&Signature=BIZ0Q1eIbyCdcvaGwYcaIqfFN~zw-zDzugDOMRma8HBRgpd9q5Wcluh4Kf39RUZvhAwPvy-Y5PAH6ZdCO72RKUD-Oinnu~tAGdxWqu8lUsN-BhO2LEUcUZXsrmXqx6rZmTAh4h7~zJ~KHrZesCLEcw~cRZQCdcVN2QKcIAwxj~A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://download.informer.com/.../mwsnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1477468204&Signature=K0OEe27OCZINhfzP5p5LMfn3MQz3KBM724~TfAYEHALoAHy5wwyYthkifng~eHjC1Ba117ckb4UaJFeXG0mer8HhOZeUZIfp7zTNtq4FOoKm7qkdVR4OVTUsdK97-GD0p36yEneI9~GxQ2xupwUCrhfDpqneB2RoQGNT3u7uyGI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1433007375&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=XkILQHzwLCuNMr97oOmslFUdfKAZa0bjgFkc~A982rlpr0Pqc7bFVd766i-0gCSAZhiScIVoZzOQvBnvmtql-3FXQzb~o8Ev4j3~OHS8tTmBfXjuKUmagOKZtTDAPZ2rYz5l1XKInBT~CSb8CaMEd5bHBScQV97eu27s2otXIzA_&filename=MWSnap300.exe

http://download.informer.com/.../mwsnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1473058946&Signature=iVpWcHJj65G~WJ5vgG7lWCtfR7JVS0TRliUevn1drzhEdj~yF1TnZRn4BEpnVzQq-HeH35Zw9-Tky0gxBE95zM~Pak~YDsGOR6KINr2XlMExIZEmNzowNMPEF3AoDgk8~tQQkFQFr603jzoFxmHJzAPyeKkpj3dn9fTnGl76qgY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1477382130&Signature=QC59HA7vngtjmmxgmFI3UNI9ky3kEMp~SsV5hDPxxYrDEoL1HyCqFE5bHtFRFvhM~-k3dlBqAAMcRnnif1K0iKmNXR-yp1qJS-azOrvcn5w3yckRg0Q3TlezxzLCKUUpeVstFrO8E-k65-3W5qaIIABt7~R8QeJ7bz7yYG3ekvw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

http://ftp-stahuj.centrum.cz/dl/2c33fce8c025c5f62e41a2cc726e7f21/5649bd4e/stahuj/download/software/secured/m/mwsnap/.../MWSnap300.exe

http://gsf-cf.softonic.com/c38/53d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16866&instance=softonic_es&type=PROGRAM&Expires=1478591506&Signature=aP5R5Txc1gSzrZ0JzLHbybzg847hjOqS6CMmEMw-aVz~QMhASowy5nRR-kSZGQST41Nz-AZJCQl8jC5cBalTwLbsOLtAVyIZgBvTpaKq-vv0btuycZ4UlXB9Se~oO94lDVCytOs7CkYD8r3S9btrR5vihP2Cv-JO5mJ9dGl3WAI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MWSnap300.exe

Latest 30 of 90 download URLs

Scan 292237_setup.exe - Powered by Reason Core Security