» facebook-pro.exe
Overview
Analysis
File Details
Downloads (31)

facebook-pro.exe

Facebook Pro

The application facebook-pro.exe, “Facebook Pro Setup” has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. The installer uses the InstallMonetizer platform which will donwload and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from facebook-pro-app.tr.softonic.com and multiple other hosts.

File name:

facebook-pro.exe

Publisher:

Facebook Pro

Product:

Facebook Pro

Description:

Facebook Pro Setup

Version:

2.1

MD5:

c3f4e17ddf622e1e3d66a39a7a7ec5d7

SHA-1:

8c30ee7ded0a87e4272927cfd748483aa606ccf3

SHA-256:

de13a786b4dd879800ca336427f339cf85d426b19acfb94a763852127e77e330

Scanner detections:

5 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:

2/25/2025 7:35:22 PM UTC (today)

Scan engine

Detection

Engine version

avast!

NSIS:InstMonetizer-CA [PUP]

2014.9-160121

ESET NOD32

Win32/InstallMonetizer.AN potentially unwanted application

8.0.319.0

Microsoft Security Essentials

Threat.Undefined

1.219.1912.0

Rising Antivirus

PE:Malware.Generic/QRS!1.9E2D [F]

23.00.65.16119

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

File size:

1.5 MB (1,562,545 bytes)

Product version:

Facebook Pro

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\programs\facebook-pro.exe

File PE Metadata

Compilation timestamp:

12/5/2009 2:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

24576:stLkPx1HnoviEj4VgUh/Rq703WIAaOvxYgkH:u0xxno6E82UVE703WyOvxMH

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.1064

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file facebook-pro.exe has been seen being distributed by the following 31 URLs.

http://facebook-pro-app.tr.softonic.com/start-download/.../63d2a1893113685785d739f23d1c2cf7

http://a.tinhaythe.com/2016/9/.../facebook-pro-4.exe

http://facebook-pro-app.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6SIo5-jk5k=

http://www.signsranchbest.com/ M8Nr7rGRB3XlZIl Zuw_scdzRMHSPO2QCbo9azwE9s2mYFYb0L1UWreWrgvYb1J3mzSpReNg0Jh DiWIurbeut5jVptMCPTxluTnlDoNO0iGxuKn9PzRbpsUF 0013W5NyYwymX VukhZ1aavKlbbXrNs0nd1_pIGSHEfz6pamMtTwhewm9TS4E6Qzj41B6YebvnBS42iYURWGMCUO64ewurhe65k9MDG2AEwNF7ZcqE3t6wFQIoJOiPZ_TMIgM3uzzUfHCHMIHSZkDx 3r41Aopa q 2PwCfpZFuLxyVItFpcfnTJ64lc4EkSxc EnmYqb tlDH8H70 WNpJAAnzNhQpV3 VAHD1Gzn58727yyDvobHUB3CG3HXURwmQda4bnwaM6ugdWHgFCAInrhMTmyZLFvmD4FicqlKwPyMT8cADLew2nv2nOAoWndaR8DFW6mzmlaAYbrxkbqoNTeCMhnmFrNwjzFFld gtFVnsDIT60ysDZDnoV6_Us0clIOCpENIUe-G1cAAGRwXmtru5WIDgg24MAl4SDQQe38tqz vncS5BcZ1nWr5yOzBOXwgPu5wWLfkeZv1OuWcxiZfmGdV9kOheWWxj91bgQaGac4nGExjqYB-e

http://facebook-pro-app.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6WLpp6gkps=

http://facebook-pro-app.ar.softonic.com/start-download/.../55c64efe653f6e4bc81fda24378b6833

http://www.clearheartgift.com/j0Ju_L_JXIdEGid6d H3NEjdMKK4jWqMZgDe7v Tq5zT5DIpshwnpoo5vDeurZ10yNjX6btRbTU _3KLyCBHE1pIcTaWUAYpx7VhrFx0PYJq9ANJWeA ipP1jTAgjgoNfWOpbtKZ7cEDBCH0kydPAYXSpZJGLJYfUfi96ISr8 tMp_pHUAm sCZiphzjkSNJ5RKWnIsyATOc2W5hEn4LDQny61bM3qzG9pDxpfwwaOoj0haHyOlYU2KJZx oFIVIKcDilBZ7x5ju9Szg_ElXYlEfhX1JVEvixetfIlZd7cHceIOhR0ZkNFO_gWDE20MuFxnOHsdi1jQuPFkzMBVvzrhOJfnHJ7MeTWk5Q3O4 kvAhClS6rnFG841r1OftrCJKDBoOQ9qKtAKRSGkm4gF6zOWdPstk44y7dJ18RBxZPwQrqfJBBDa2_qNEFe7SIEBBuGtvM26XfSgmH1wGAiLBhTe5W8mR97QRQirqUzZAMs4mZg99 zn5CNFJFqlge3Vq49ZxoFFFTCkU DHxnPB_O9rmV465g==-G1cAAGRgnq2tSW7wRdiAA5eEg0AHtfPbsrb3 06C_EL79XqbzkeWOczhAd6fN7C_36H5P8uvt7h3eL05J_8ePjCtL_EyMml9BWYRJWiKwViKYAE=-e

http://facebook-pro-app.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6WHn6KolpY=

http://facebook-pro-app.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6aHnp-jlp0=

http://facebook-pro-app.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6WHp6GmmZ0=

http://facebook-pro-app.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6SIo6KnkZc=

http://facebook-pro-app.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6CMop-mlpY=

http://facebook-pro-app.th.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-fm6CMn5ylmZk=

http://facebook-pro-app.ar.softonic.com/start-download/.../35a1b11d41e1b625f8e4e6b9a58ec780

http://facebook-pro-app.bg.softonic.com/start-download/.../f41f13f210043509d14fcb311f4615b8

http://global-shared-files-lw.softonic.com/8c3/0ee/.../Facebook-Pro.exe

http://facebook-pro-app.it.softonic.com/download-tracker?th=1/.../TGbmrgxeeSXTdl8G1zdbwg QbPQ=

http://dl2.facebook-pro.com/Facebook-Pro.exe

http://facebook-pro-app.ar.softonic.com/start-download/.../ec90837d9debcede7b5168305eb82b39

http://fbpro.turbodisk.net/Facebook-Pro.exe

https://www.freesoftdb.com/wp-content/.../facebookpro.exe

blob:http://sd-web.softonic.com/bfde5bde-251d-4a36-b0c6-437059b4c5ee

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

http://facebook-pro-app.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWuZIFnoHcEI7f5JH/dVbUsWkVeRCqlVrAALTHKvHjqRpExuoYXRSUCvvhNjcpp/qN/85JI5NyS/yjC8l7iW2wIGB/.../Rio8=

http://facebook-pro-app.fr.softonic.com/download-tracker?th=1/.../TGbmrgxeeSXTdl8G1zdbwg QbPQ=

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

http://facebook-pro-app.en.softonic.com/download-tracker?th=1/.../TGbmrgxeeSXTdl8G1zdbwg QbPQ=

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

Latest 30 of 31 download URLs

Remove facebook-pro.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.