cwsminstaller_esp.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from global-shared-files-l3.softonic.com and multiple other hosts.
MD5:
9ce4b7657147d2582f7f5176053c20d4

SHA-1:
391993eae8f85f330ea2ccfa189e8fcdc46a1f82

SHA-256:
e72a2610001eba8a0e1039a334436d5a42a05db78ac0677dbc425722feab0851

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:39:04 AM UTC  (today)

File size:
3.6 MB (3,743,578 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\cwsminstaller_esp.exe

File PE Metadata
Compilation timestamp:
12/15/2012 12:13:09 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:jI7O++FisvISu7q4v7+STreoadbfAH5yObfAH5tBDJA/haKBDJduRo:jI7OXelj+eeo8

Entry address:
0x245C

Entry point:
48, 83, EC, 28, E8, 9B, 17, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 1D, DE, 00, 00, FF, 15, 4F, 8D, 00, 00, 48, 8B, 05, 08, DF, 00, 00, 48, 89, 44, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, 5D, 48, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, C8, DD, 00, 00, 48, 89, 44, 24...
 
[+]

Code size:
38 KB (38,912 bytes)

The file cwsminstaller_esp.exe has been seen being distributed by the following 4 URLs.

http://global-shared-files-l3.softonic.com/391/993/.../file?nvb=20150123201434&nva=20150124081534&token=0e1d6ec23adea2d0c658b&SD_used=0&channel=WEB&fdh=no&id_file=89431&instance=softonic_es&type=PROGRAM&filename=CWSMInstaller_esp.exe

http://cdn.portalprogramas-download.com/d/.../Windows-Start-Menu

Scan cwsminstaller_esp.exe - Powered by Reason Core Security