fantashow_full1213.exe

Wondershare Fantashow

Wondershare Software Co., Ltd.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Wondershare Software Co., Ltd.   (signed and verified)

Product:
Wondershare Fantashow

Description:
Wondershare Fantashow Setup

Version:
2.0.1.22

MD5:
631f0b60538fb09e1b5884461e5ee578

SHA-1:
577d4a4e94641f92b0489291531cf16678b7214e

SHA-256:
485f9a459276aee50aa5b831a554df7d7ba05df8e642f124fb5f8bf634a9f3dd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:04:45 AM UTC  (today)

File size:
57.6 MB (60,445,032 bytes)

Product version:
2.0.1.22

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\fantashow_full1213.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
8/22/2011 2:00:00 AM

Valid to:
9/21/2013 1:59:59 AM

Subject:
CN="Wondershare Software Co., Ltd. ", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Wondershare Software Co., Ltd. ", L=shenzhen, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2649593DC86804A0829FE1CFC970097B

File PE Metadata
Compilation timestamp:
3/17/2011 11:22:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1572864:zM/4AaF5BjJ/gU8OA+UlrIWIhrfnKliLxTEGe3/YHZv4q:FhRlWBlrD4rfn2oTg3/YhH

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file fantashow_full1213.exe has been seen being distributed by the following 19 URLs.

http://dw.uptodown.com/dwn/4d4OEyAGp9BzzN25lH2Ph95YSb11foKoGIMQMvOeFBpbJ48oarjpev2WKkgsfCJE_qbiQKXx3RxvKtwVrLYMNzFAr-5tyd8pfq0BsXxVtmjpj1XNs6uE4aXj60b3njtd/413eqW7pbQyDBt3rXJr0npQilbgtzORN6TQx8Hqpw8ypVA4mFRkGLO9U7a_mX47r63QQaa1eozBiAiOS6CYUbfvQxcUE3nhoh2h9DU7F-mCPV2IIF3hemedWSaxjEAi_/MJL7NgwWCoRJP6-ZAkHJTQ-XGOE3eYBvabn7074SotKJeWV79swkIrQuqmHBbcWiangoBrji-gNkHxDISpxANlukM40NXlmw4gsgl1ciwIfCg7xfr-pgb-bTeNIjmt6E/.../

http://dw1.uptodown.com/dwn/oKm0s2TTF6JP5axBpszj_oHv50Y32gmzwumpMZVHgG1tH-tGIAyPiHCgQn1oYox99bMmCAnsfLaxz_EF9de56ShpedAup9uWYS7tdIwOGoaK3wkC_v6UwwR4osheYN3Z/w0NBI_z5J_MWQsSEiyA9fhySwF8MkywY78HG0BlXe6gKy2XMZrafttMXk788kgISyQNxbQ3_DZZqd7Nn-Te0qtR3jmwtj155cop8cq3eBDpUmP7UKddUmrb5Sfo9tII8/WpHPX2fBqZDxM2eZc2PhPrE4VcF8ibF4mKdPc4mHdDZqd39l8RgwSA24Psa1tiI1rerOFkbbNd1I9UTsJJiJutRcc6lyTHzo0m5O9uAsbCxXDjCNRMLGC8T0LAKfmgdb/.../fantashow-2-0-1-en-win.exe

http://www.logitheque.com/.../7a31f8bc.dl

http://dw.uptodown.com/dwn/Y42JJzbva3dYCPHBXgbMhkxsQGwM5YiV_1yK9FP_VFmN4_Kt20SHg9i69sMaE-lvikcUHhu66alkw-RurLi5whrjIRN8GcpyQUwhdxqOcqCN6b6S26w3n1EgP-BIoIhW/OIrqT2hNF_CyWcTemcht-BajQ5hf-gnwA5bmT4HV-V4S80BRmOf-O2aq_dX8md1MbRW1Swo9IZfDL-zc5IAoqMBr1MLUQnfU9ewG0XwbePc5K_uN6ekl02xk7IxMsCv5/-vDxMEQyCzHne5WN9yvJo8_gbAoJSwO5S0EyBbRfS1iw4KAXkToGmmBowsV0hhFtcgUVqlQ1h-xmijx9Y5Jg5BsWzNrCjgTizhI4IS07m5Vf425ywrJtNwE1m_BIoGEq/.../

http://dw.uptodown.com/dwn/L2sfR8RxvtRMc61mumJhIsAoY6KPCvaZkvvxhW_p_46Z79JhYtWZN0xMoghgtCgMUbx1veUmtqmSDOnnCZrWNThgezaKw5T_jv5q2qaL0PUvFPxbIYD4AIsiZ6TiuCa0/Fa5-WaoCZlwYm5mEpRWnkagjTcgsikw45WlD0BS4xCqdz1P6yMu-U5hbZ24ndVaoRHWqjlwVDXo3UmfC68_c9YXfcYSYX9hYsTYCQW2fmbMn_tncnFcY4nGdZcsGWYFT/kyXMgVhkZpmeeMR_q1jNwz6H4dfIMSoEq3zb8HuxQse6ZFTG-U4lYTe_iwAhRmZgT8YSF1ZBp5ZApfaCrS2XQ7LPccetIP3lj0pA1Nqyc4PqojcLH801uO4RuyrOPcQS/.../

https://secure.avangate.com/affiliate.php?ACCOUNT=WONDERSS&AFFILIATE=678&PATH=http://download.wondershare.com/.../fantashow_full1127.exe

https://dw.uptodown.com/dwn/QI6WZ9SYrUhPvH-uNBEKBb9WhSWobLT-7_XIGv70UIcYnsMBT8cjmQYFme3FMIELE7q8mVwGNRprSOpZAalzg92FGhLdDLKCHc-8uoDRkjyiv3l5LEX8fa35_b8GXODE/cAyyUQpfQMxFO5vjrJP3GwDeQUSTQOvWBAt45Dz-mhctCD889Zt4oEcXbwROqkQUrJRb1o32aIDFgLfdHCEbsay_ONWOBGkzo3BaBVU4SStCdpi7hSpnUlPwuO5xDHgF/VMZwxNpsMPQtx9GyVSxQNgT2tVYW2BV_h7QhHgnU16AeMTa37mUJLqAg-7haoD00AYAOOMGIA0uJ7CEoBfuYV_B9BI27-wxQbyKp7vTAQlp9wWsZzqu9TjBV3eigUJdH/.../

http://dw.uptodown.com/dwn/cp5mf03e833tT6ioyxxpozL-z7FAAhcFQzmPp0AwR5cjW1QzDfaheAJ7G-tth8dhkp-YjCtLHBj-GNMFeDdNSl82iFF3h5_0luEK_Nv_cpXOAi4gy3E9DoMkv7jZuBPt/f996TKUfizjQKxJzFTqn31OVuZYiijSgdvFWLSd6HEZIMU_z_SEz7pSoEpDNXZaZzwaxWvHQ9OkIpchcf0qPcgbFmwQsegnQzC_ap87DC2xdbE18mTu2_0fQ6QhEHvPv/bRkGgPXg4IWoJscW1_aES8tEJfJCq07rBSfmiz5zaLEdItPoalBOni4jYhd4wRHyeC6X4LUAQSLQ0QXpE3DqfAeoCiMW5AjfZ57sQhO_SB0GGU7iBRwcuncbP5hU8bLV/.../

https://dw.uptodown.com/dwn/Pte7BfM3b9LPXhkAuFn90jtoBqfG7SjnlLtkD-ETRgt4p1MzoWtZIdtqEgDIKlxXjcZlQvoErS5PCIZaJtAUQKdDh_30gOLGVOySHLTwoJwnift941ocC3kNaAF8-zKa/hixbcAmPZNXu7pxr5NQE62IHyUMVhT5pKeQzSfo-1cDMNPb0T392B5gSqx4CZwAZuqMKxd9PCWdTa66XbnSQj1qwn1QapwFubqFamOC5ArWlt7TRz7OpUAAphBxPQtA3/3mCxBBaSNW67nbYc2KgpFeyiP80ZGw123pot3XmqUp0Ksl2OilX3vKuRmvfpeRDV55PXaZTlOMSrXhojGQyfUCgtveYISfankqijDj1ZLpTrmqYFXH7CFLdzwvoH6Fe4/.../

https://dw.uptodown.com/dwn/Dt16A74NVfZzAOq6IqNrOvq614O4eUOo1Ga-FdvmILeKlMY2H4BP-3YjoUZ8shn-1nRD5c_HgZ2JRVUkmEmGSIMnOMURtXM85Oju1bDnI5Fk9PmslkRN0SdXWns7P9Xy/hRS-SegMZAr0Y3SC6Qz3w-wJGSco_KFoZD9u35R89zwijMAkWpUXVmK1KnBccZdZFOgDxN5zuVPfqzBlxZDRr5ocxNLp_WHXCToKkpU5LygRkvdMRwMV8OBC-EUZ3neH/e2NivFhL721x7VFkfT4Oqm3SnlS_7mie-VYbQyEP_iRaLkaA_Hl90HLq_48LGejpgmRg414PS1jP97umjFdfkOLwtZFowHTtIttqEesg7Z-XietaBMIXC5PTkw01iXFZ/.../

https://dw.uptodown.com/dwn/4Ojb8lo49lEU9amVD5u7oMoqIAGoIAgLDldJ4PVYu02T_A-bMSv5WCx19cmNU-9v4eVaUpvunA3j87zqIub52H2hDCLA3NVmvp-y47syCXn7cFXZY_d0aP8gUjdfBdJU/5fkyI9UkWpYKNzicjV54brSditr0GmNuD4YyNAi9mizQ0jEc_6nbVvMxMtHv9Wzoi35-MdqM-uvJEiD09MEO6E3NZoOYO1yDFawlS9un7ywFxZ_tkFQXSQBo5PysTUzf/yH-n33RNRQmJGadS_55TNJNsrsj7var0QyKM4IMYtsvk_4Ps0mNpLg3ngoD3wocQesuEfIiCDLJ1EB80X2ycNOqAkcbGZwF3NKyX3K_2QoanvZACPt6gvH7cAggN-sw6/.../

http://cbs.wondershare.com/go.php?track=download_start&name=fantashow_full1215&pid=1215&back_url=http://download.wondershare.fr/.../fantashow_full1215.exe

https://dw.uptodown.com/dwn/p8Jyo9FBzrZ0rBdrj5euG69SK6euJWwjQhVBLAKd3Xva6Err_shzOnV-ZQrlT99xOa54Egb2aDcGfOqsEdNWEAzsBwvkI6xfoinjVT_eQoQMaR4Fjn6O20gN4BDwOCtC/lmuh6v1AZgsgtPfWmfN4ZkdPleHzgOo_nMdUitUyS7fPQPKrplonPPTR4anN4jGpvFFR5X2PlQZpVuv4wsz9E3gcwKBc5Y7dOO2BE1ePQV2qODmorZ32QeTjxk0A-Tvv/KoTXi9-JeMdJogj-J4C5xxhybsb6ov2uFCBqvw6u5WEcNdM87aKwvXO5LeNinrk4jUu6DsEA6LSgMRk2PPvswCK15x3vazJCagZldW9kwFkN2C3KensQyBVeaSaZaHj3/.../

https://dw.uptodown.com/dwn/JjONi-KUUD4EdYUSj9y8bfNbyaJQDUGq6efHbolelThlbgc3tc5_EWByvZeehr1fidrXtqcdW7zZbZ9J5NAour_YxWcirZAEDdvaD8TtQfYKx0N6-OajuNJfQ0zzq0iX/nJ9c1ShligDLsD69AaH9pFhFxp9Y5TBx3hbR2utkJqY1k4pvBYE8EP36CPL3pgTPpcUOVK3-u3LhldTfQgfIRIzxAbsW6qUAFxV85C0zd1tj4D6cJI0rmxCBFVO92Lig/YmEmCjmr1myCyPn_iYteprZ7kZWeX2094-O65jCuVkUbbwHgT2wLbmzENaO9_SHvbHMDNMVyPrcuxqTE7j1jHSNEKZFuOvsziwXgxHWSF2Csu8zG-FWhmYqkr6S0ExfN/.../

http://download.wondershare.de/fantashow_full1209.exe

https://dw.uptodown.com/dwn/Nyb7FmRZC7K9rad7GCFS_1ZcpjaVjrk0IPspjj9iHL37HhLMgcEaQCWhxnrXn2ctkQGYmtFFXMtPdNaETRXyuCNAVGnzyt0GNP0nSuazq8DazX4AZTaV_TVk5hcUdB8K/KmrLKsRmgOvDGy8477F02r9Oy3PKMcUOwYgAN6I57dez2JMptXOcerGX-CLk5yzIyWP7f_lzkLq5L6GLzDL0O_D1vEBGNH0MoR0tsAgTm52oSLjISEMchtcXJ5xUmh0X/.../

Scan fantashow_full1213.exe - Powered by Reason Core Security