home

cod4mw-1.6-patchsetup.exe

JetBoost

BlueSprig, Inc.

The application cod4mw-1.6-patchsetup.exe, “JetBoost Setup ” by BlueSprig has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
BlueSprig   (signed by BlueSprig, Inc.)

Product:
JetBoost

Description:
JetBoost Setup

Version:
1.1.0

MD5:
4411f28524195b90157c4528123d627e

SHA-1:
2c01e61866fb4c6f794fa00f1d55d7d20560b5ce

SHA-256:
5c2115d1b041ced33704824307995565fdd88c86bb90d1fc171480482219238f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 8:09:52 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer.BlueSprig
15.4.2.1

File size:
2.9 MB (3,036,984 bytes)

Product version:
1.1.0

Copyright:
Copyright© 2011-2012

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\cod4mw-1.6-patchsetup.exe

Digital Signature
Signed by:
BlueSprig, Inc.

Authority:
VeriSign, Inc.

Valid from:
11/3/2011 1:00:00 AM

Valid to:
11/3/2013 12:59:59 AM

Subject:
CN="BlueSprig, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="BlueSprig, Inc.", L=San Fransisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
589D023EC02E552CDAA00B1FA0FDCA85

File PE Metadata
Compilation timestamp:
12/20/2011 3:16:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:OsA5dpXs6oVjLZHrRGA/EUMleKudRWDNG6Lg78AZv7XLqHn67T+lncFV:I53diE7lCQGMaF9bqa7T+23

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9804

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file cod4mw-1.6-patchsetup.exe has been seen being distributed by the following 33 URLs.

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1443502849&Signature=CKexfMjgG3OwgXFDM-2ef9bEM4UD2HszT4j9Z7GklNZM795L5hp83SPwMxrPE8xetDQdDHWJQNms9eeiqo18DepZqZVtIzJ-YfkC0qkqyH2lrAL~RkoW3NTxEwmevFx0rGF7xNNRmMd9MP2hyy8RDJELFr~4k7GIkF600TeZJts_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1481031716&Signature=GUUpTL6Clktbeo1pI9Kjo64LpYZUVSExQLt9TGh-ShvJIaslN6YRdKvpvJEDAGRwY8P5QomPQHSj23-pWhg8wdYeAinRgIbIJkIFMNzUB0wCdQVIY4H-f0Jx6ZHU3Fc9rQPiG53GPDzMNXlH2UMCstIUWyyLlS9A3JtQz623704_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1480923665&Signature=UUZ3OkAk7TH-40kR30rcMvUiT2AryioCeUUMWRskAenyrpPxCU27X8F8iL~rAFbn72OepwM8iOdoNbDqgHCaBR6qp3L7xpXKaPuL~T9FyKFk1eYn5rhpj1YJbOwwzWiQ2gauayT71MaQQlQyq~Aw8XvDoQ-AS0TQv-CT78AoG-k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1463239198&Signature=MfCZhhaJ7JOWE0WiR~h7DLGxpmhjeM1~rKw0nMyMtcfnUckAW12pk1LPdzNVBwnwdYqd1UPFvQg9i64wIq3nWKokRFom44bBgGhqP-mhUFby4RjMIT7Y27k0jDd8onq5Q00~GnBrL0up3x7eQVQmubhbfm6S1eTIHrw8wQ49UjA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1481406523&Signature=ZF-Mm6RyUpemCidCVZmXpn9RdyptLGLZJxKqqUdq46W14HCUUw~u1f3Id7jK2KkEWznPuT6YMtodxKPtJr9IeVv8iXoVMFSgLeqetaxQk8a3KLtpWmeuuC-ttm1Oq9CQtpyEAK9bauoHcj5x5FxwQ8JezHL0HMGWldvMmxQF6gs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1480269138&Signature=YdGp~gYkoUjPFMJDclVSUMWFSAgC0Xa-4xIAGncWf7pR2HsE7B1pVJDCTJjkcULb1G6vu7A8MkVp7mCCTBqlz7nqDuXgb9E5V6rPJTpgjaxksCbBCTP8AQ6EYhLNpjAT~-af5NJyBp46rtCHvD05jkRsUrI8dSVWWsIPr~~Hl6k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1470553651&Signature=feuTLivpP6B~lxWrWzqDO9rHsiKqJnaMxPrVj8h4TCqli1iJQREzqwdhmJwymup4NgegYhpuGqEPYBls7lJw2ayCuVxSpi6ZOjQ~N3VtWmgiUi9lcn3KVKV75zs18QZqUCk-N4vAw~jeaqtCpDwI43yj99vqRgUO0X6N9ZJV838_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1477212775&Signature=As1nrJr-RF10Y0eQJckSLaZ7KsJN27llCIfDJrB32IKbatknmj7-QIoKL8TVbzuXcR7GIxx4Wf50onpw9wsOxjwmhICdeh-HHzGYxE2ft-zzJLG6xiLpLPGJt5MQf~-xZQ3Uj-hznO4OGVOR1ETjPN8xZFki1tTnnAxyTktoN88_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1476892617&Signature=R0ss-fo6q~0bVob~MVNCqLdquO6~fTCjO-DS07i0KYye6U6ygli~yh8JRbSg3UpxGr483CP4HFOfRHQvQ72IV43sNJA9fbI9jvQAD9DXS~39Unku0m0GXZo4PLSG3--Fna11raHww3qumMZxHtRJJ6uKk3Jk29FtSU5AQLGkBiA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1478110665&Signature=d0pIUtPEvvF6-MEoOnFuVtbdIaC3jJUPt0XIY1wPw7fq4X~UA2IPMGUT0vOdNnPGTjTV1mvMuxElFSVGxhDZezqd3cFiqiIa5aqfHrW~Mcq50-DP3bT6kB0gLHqLcFlLRETmpclmdcRzN8knRRzpS8WmsYEQoldpbipwY5TN~w8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1468753821&Signature=FzJB2B8O4cOAS-nUJyxa8MiqyYEwlb-Z1KhdGJTGFGabQZzJxHUyyspPfPoqOyY~19aZjkT4F7ifiZpUZvMuofT3AVB4MjMGR1MQOp2vlkKQAidNVMPrSeHsYXvub9QYFVKZKiLaBMmLFRxDacUvn0nPVGzn3bpG2WisQMRrBpw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://download1635.mediafire.com/xw1hbf7967mg/.../jetboost.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1470831045&Signature=K4Uk2DaWZxOk173NaWnmSY4HxrNO0lilUj0WmrHyllYzkA0TfGW33D1EmLcpMs~5e1Elwtbq42OoGmbxDEVzmCSqbLzm3ZjraQ8azqbYOsUf1AuNpsRSyH3HH~Nhu4JIYhiODdfLJjwuIHawLP66pp6GBSVi9VTA4SBKZHZYhnI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://download1209.mediafire.com/md978kmu7kng/.../jetboost.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1470813756&Signature=DHg0CNZbiCt-7tttwHWohywqPDzhe4-0PF1IihIDZ5KCUZ~~60bUugq72QDtCPHCCEM6ffT6RbTtocIjAMC-tR~Bg6j7Jhw6VNyp67yedp1K6pmNTNGoMuUK0bt~533BZAtodOd5ltibBtR1-bPoyplzJATTQ-6NCi14zACkAsE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://download1635.mediafire.com/th6n4dvvkhdg/.../jetboost.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1465653936&Signature=ZSLLa3sBCfBOqjts5Ikp9uyeN43DrtZfX9BIelKr~GTSnRAwDK4k1oJnTHYXjHsxESuGWnHbSUyg7ONv5inBpdt3fhC6PIUrln03vc4Mh~nhKVg4xvgheyyLQfTGoXM8CuKy7TJNTP0jyoEPEgMMcfJ2pZQV8FxRyFTbDQIV9JU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1478590482&Signature=JxEc4rR0TA1Xl6m8Ha--kE49etyjou9s6MGq5pFpp07WGS~mwG-I09OIBgA4rFPxFJKpO7sKtcUc2oR0ZP5-9oprRT2PeaJD7urP6iW-FvxW-yAMMZgsmjepCQZFSBHxOdwicesjdKZC9EL4mwHNBfRTkZhDN6A5SsOLGrBsbdY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1475054579&Signature=R~Vae3UP3YNss20hDN7XtUHE5IyLpfIQfPQ~7VqFI8Dnc2~gYbnFEN2vM27GR2h-w7VxDCglgt3V7qntYiA1er4PN3HWOto1W4lb4mw8GfIi82KKiwM~rMrNcJ~h~bLa5d2hMbHFra9tH8x491UcOX9qm-wq1l2jOSVRXw6Wq6A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1478195046&Signature=dRCydOAuJ6EBocXl7OfzIMG9TCNPzr7Ma~rFxvDMKvdHoYymql8zZdZWBf5C7ZzixQreQNORpYGD0ZyubwK9SB~FHTPF0Qd1zk88hi0Q~~fd4fimn2FbQsR420rfLCgm1mIibS2XUFl-52MPTVlyp4xGk0UXRFbLnVRi3nqjO20_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1436252305&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=ROMEuy-cJuHO~9jBBheFOWMUizCLj0HFxqRVNF6ZkN94UbXadMzKRBWOReRcfxGOqo3kjhyHrFZXhV7m6jEzzrUJFNXyg556qDgMAkP6lyCBqCeWWYEQSxg5~cYZYfDyHCvLx1oPSydW4MSNp7XQFsRg-wjdl3oQ8y~TYdkVayM_&filename=jetboost-setup.exe

http://download1635.mediafire.com/c5m43akl4b1g/.../jetboost.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1456165739&Signature=UIyAtE7v3k5LbaAX8YNzeEebwivrLslnPrQ9BMeqJte06owKQkZhmtbuuGac71OO4fgw7L8dKztxeQhmdzXEnR6DVszpUawFrDwZmjtW7OCmDMa4Tp84A8Q1sRdRCW6BtHxn5Q7DjXQcRJf0LLvYJcPgmfr2tm5Ht58gv-ZG1tg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1446894511&Signature=h1xwejfPHciYPQX3GJgWN3916zBLgIlZ1lwJri9~eniDA4FJbZXGWKwvlzfjabCbTab51qIjSwLmVBnczrcEp9-MAAdCbhKvvWuKP3SJ01lbzOvt4Ggf3RAoLJ~85os6sF8412gIGFUxyz~jDx~scJytzfe3AYyYyeNbxfNW4SA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://download1635.mediafire.com/4xmzpowpejqg/.../jetboost.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1463382367&Signature=P4sVkN27WKPUYCy3bjYpySiDD~l9Z0OOvYxNoGjKfFtirGK66imCth0gdvBiPIgBE2f66~qqZPZ~jren1qRJJ-qmUiT~Og7ShHL54VGJ06V3gEeWPeYhh3pDXFdL8BK7-LDv8v4tBCEj4Krkk~H0973y5UL5JljTuYb~QObJ2GM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1461585606&Signature=RfL1GSO5RSR6P~3T8FXgNbE-RgSI9P3JmuLwRHJ7Y7py0u~CWpt9LYTTvXajRGKx7OFgvEceryqyOK3G37HKtoHXcxQkughw7RvfJWqRWdP6zPZmTvqRxWuKnik0X-sXTNBvclGT1xWYLaL-8axYC0s9E-wtblzPLfvT0Z8uAxY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1436793818&Signature=D7PjuKpqU2vQiwykmJy1eSPhxiwEUNgesj0JRHpwZsHGOnWtO-71WSve33WglzN15cwJLmqRTCoeZgVppRWkLyyPl-FLT20A8o69HEKXUq09OvAdsgC5JHLeiniv89NE6GdIzaR7gIl2rP91B3pLUHsr07QqgXt7QYEzeRr~8qE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jetboost-setup.exe

http://gsf-cf.softonic.com/2c0/1e6/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3332780&instance=softonic_es&type=PROGRAM&Expires=1424170933&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=CT7p5eUnPKvnE3gWIw31Z4PXIiJMGwS~NVU21VofJGoN~8415xEW3ziqh0lLeZkivL9fB4BHo7ExU3HuEz4HWLp3VgmK~nkMV~9D5aW7CW3oZRLF3XBXtCQppOsspdkFv1aVkFwm~AozQ3OM4VHQCiayGKwBgoDsJRSJ-p1TT4o_&filename=jetboost-setup.exe

http://download1198.mediafire.com/kl7tigpg6jig/.../jetboost.exe

Latest 30 of 33 download URLs

Remove cod4mw-1.6-patchsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.