home

Boom.exe

Boom Audio Player

Piotr Pawlowski

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Piotr Pawlowski  (signed and verified)

Product:
Boom Audio Player

Version:
1.0.16.0

MD5:
d077bb664fcf183c0424afaf2dc61063

SHA-1:
8b3e3fc7cbf8beb0b6aacf00fc153de0c56f7490

SHA-256:
7064f35b450c4bb4a8dcd79b8056486367fa10998db24ca069908b2e93214d0b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 9:44:13 PM UTC  (today)

File size:
2.1 MB (2,236,872 bytes)

Product version:
1.0.16.0

Copyright:
Copyright (C) 2010-2013 Piotr Pawlowski

Original file name:
Boom.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Piotr Pawlowski

Authority:
StartCom Ltd.

Valid from:
3/30/2013 2:23:52 AM

Valid to:
3/30/2015 4:35:18 PM

Subject:
E=p@perkele.cc, CN=Piotr Pawlowski, L=Plock, S=Mazowieckie, C=PL, Description=RW8FUkbQOZtJVf8f

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0951

File PE Metadata
Compilation timestamp:
4/20/2013 2:26:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:xLq9hVrTvLfaNOlLYGGUA9qWO2N4QsEx1oZflhBRBR:gpfw9qWO2NJoZfFR

Entry address:
0x14B763

Entry point:
E8, CD, 7B, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 28, A3, 5B, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 2C, A3, 5B, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 0F, 43, 00, 00, 85, C0, 75, 06, B8, 90, A4, 5B, 00, C3, 83, C0, 08, C3, E8, FC, 42, 00, 00, 85, C0, 75, 06, B8, 94, A4, 5B, 00, C3, 83, C0, 0C, C3, 8B, FF, 55, 8B, EC, 56, E8, E2, FF, FF, FF, 8B, 4D, 08...
 
[+]

Code size:
1.4 MB (1,494,016 bytes)

The file Boom.exe has been seen being distributed by the following 3 URLs.

http://gsf-cf.softonic.com/8b3/e3f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=332788&instance=softonic_it&type=PROGRAM&Expires=1444364230&Signature=IcaHeHbXrIMVR5MShTlRHjoJGi~HbvCTNaagji3E2zsoN5LSdbVM8kb-3zQujEvVePNcplxedeE7v5TgORpGNwLD1awST3aAZcxqDLAEszujjMNWWnvM-BVQB1Uknc5AlToDWFenGItVXteKAukGt635mgLBsDZsVVqvzPFQhVE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Boom.exe

http://gsf-cf.softonic.com/8b3/e3f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=332788&instance=softonic_es&type=PROGRAM&Expires=1436486541&Signature=f-Ci7NK8ZNQXH-09oTWtvrX~R3jcHxpbnjTeubjwPjzdN5M5q3j09Mb~uhtl8BTtxTDLNVJLSxK5cd3C93WB-Pi7smLPIi4rti5COEppTYfFKZLk0SyuCebxsMBB2aKOm7s78M9zs419386Dmm7GLTSia0emHkFa8Wh1L3rhwnM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Boom.exe

http://perkele.cc/.../Boom.exe

Scan Boom.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.