fss_photoplusse.exe

Serif PhotoPlus SE

Serif (Europe) Ltd

This is a self-extracting archive and installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Serif (Europe) Ltd., support@serif.co.uk  (signed by Serif (Europe) Ltd)

Product:
Serif PhotoPlus SE

Description:
Serif PhotoPlus SE Setup

Version:
1.0.0.0

MD5:
9d66007fd8b7d90d0ef91266883ab69d

SHA-1:
b2b51ea52f9a23f1e77efad95c3dc5d5037e1211

SHA-256:
a6896c11c37366c7cdad715f5fc40603834d2409575e6f030bbaf96d3a2dfa60

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/25/2024 1:38:53 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Bundled.Toolbar.Ask (variant)
8.8498

File size:
71.8 MB (75,264,912 bytes)

Product version:
1.0.0.012

Copyright:
Serif PhotoPlus SE 1.0.0 © 2010 Serif (Europe) Ltd. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
3/1/2010 6:00:00 PM

Valid to:
4/3/2013 5:59:59 PM

Subject:
CN=Serif (Europe) Ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Serif (Europe) Ltd, L=Nottingham, S=Nottinghamshire, C=GB

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7903E8A99E7F4DF4A874DE164DF90808

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1572864:8jeoWlEUwth5TMuIeNSiCGVrofQ+kjfGtAsNEUkl29sOW31W/NCB+cLB:2RDMneNbCGyfbkyHNEll29E1Wi9B

Entry address:
0x2EF4

Entry point:
55, 8B, EC, 83, C4, F4, B8, CC, 2E, 40, 00, E8, F8, EC, FF, FF, E8, 5B, F6, FF, FF, E8, 36, F5, FF, FF, E8, 11, E8, FF, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
8 KB (8,192 bytes)

The file fss_photoplusse.exe has been seen being distributed by the following 18 URLs.

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_br&type=PROGRAM&Expires=1479829029&Signature=fL8FwxnHLAZbgHssq1yMDwwO0lbjxsqh~2rxxIyZumHuiZMLUkRTG9X-JH7tmiEuut2TzMxR-Ksn-85C7apKL7hPOTibyIFGD~hKQIShNOoWZubLHwKdgRlx6LwkqVPTVs~xVrONc4CY4V6~qAlCs-KYCPVLpoYC~~euh5vvVzs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_br&type=PROGRAM&Expires=1480831164&Signature=I6RPK-BcOTjClI12F9VPyUBJd7EySKyF-Pujq33RnoJs0nltin2mKXV6hw3p8H0ayxiQzS4D~WAdDWjjdrJoUAo3hc53wzZ71W6ddH0KXuc4pCItisGyPth89ASlNLARpvvTdGrdHEIness62rFITpBfE9Yy1YXME9f-fv03tm8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_es&type=PROGRAM&Expires=1477341290&Signature=XKf66GdaRdMVC4~mVXB-yZKWOtqnlguZ3-FvluK3ReGYnTCMy-U-RCsYjwM-DGy9VIL-awCnNsz0H9~XZCslDvj7VMkDw--F4GsiXhHrNJrK5rSI57LySCcfNuLj9Fc1Suu1Jrdgn1Sz5kSzDc5bQIkwfRWntGCCA-bMY7Ikbv0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://global-shared-files-lw.softonic.com/b2b/51e/.../FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_br&type=PROGRAM&Expires=1479163674&Signature=FmcxhqPfMKacN2F16fhdNfHytY5fZdjhZ2HktOuHcfMmxt3GbyS1T83buKLJCjibU4UmtCa7b0EgaWwftBtNPxYd3eflCbcoBtKCcCSF8WRhDM-egXGsk~ManSuSrfXp3RjFW8GkBz5fVPMqgYM-UUdnSy9z8TY2pWJe8~~LUFk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_br&type=PROGRAM&Expires=1471428742&Signature=AicXsFX2gzUscfLk9XhM33KL8eargTktiBaUvUbcnwL8bwZgFoHpzjiGY48lJBsPmPdvI7qcz-Jr2MnKOwh02KTmF5I~mzaeKQz1C0Ymv9D0g6emkWaVe~ZBb9Ul7dp9I2rMK-sqKgEXU6g-sDV0rPndq0Hheob4CEeC0DAk-EE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_es&type=PROGRAM&Expires=1430021085&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=dbZvOoVT9P9FT-NhpWc3shg9XtLmA4njPDS45YLblkHp8L65tcy6IdWFk-lA3DRUmwD40h71vzUM4XSPSsgciCEGULvkwjOTLZJxjX-kE2C1M8VXEfKY2Cd-5kllf8LoCORGoa1GbA2kqux-RnTzg-k1HWibCf4~kjsULEk50iI_&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_es&type=PROGRAM&Expires=1476652239&Signature=gQlb~aR3DVPLaNt6HmNvxpnb6CXJ~vq-Hn3tQs8C-zsMTtQ0WLwXAf72PdQdhpDxClkgFI6CkHUgcVCQnLs-Zc~HPZEsrF9zjVCrmXSxrYqgjkWjPp0N1SOh32clAXMxbm-Z9X6cVSe06rsqB9cCCz049oBoXwtznJ-qID7N9xQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_es&type=PROGRAM&Expires=1469798409&Signature=alggwoxWHwo7SycaZm7M-jWoZW7PMG0WMcq4UeP7DC0QR1DX~23CvCdPiOIsg1hxZPfM3vdZ~pAVQAFOMk5dEgWo2eApBB8OX6kGev3bNC6eL4TdwoyMjlEb8XUMpJY1wgUMMh2jWWlPDNFKuQ58tMWDO3FfnjlUYMNDFvFL69w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_it&type=PROGRAM&Expires=1478401802&Signature=U8kTFILGoENYmatkjhGgszGPKk5otQsUd-hOAMIuGnrIy5WTDenfQ0M6dBD6u7dPa95Csq32pLTtEGRKhy6bDPaMZ9vXswega-ZB0Lc~fCyWAj8W9hpS0qveMAPAE9iLHIax-nJLOq~B6Sx1W2J-OCoMoL1T60jbcaV8u44vimU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_br&type=PROGRAM&Expires=1480408852&Signature=Is4G-dMcrheb5NkKODhgImcOyrRl7ShSK6zVWJzBGPslaBrmUKPism0hofLf1~fJefR1cj2l~FoRR9oDrNaG2gJ16v86VwqLADLigFp0egFSxN-0ANjkNY8Vr1-IvTufmtxVHadNJ5-7FhmDIiik~y22KedpC9tA3KYHDLBYGBI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

http://gsf-cf.softonic.com/b2b/51e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=11953&instance=softonic_br&type=PROGRAM&Expires=1469644065&Signature=M2ZFcbSX-oN-u7aVlTt3L5se0eX-GCJqaBkJPQtlqFxOtoS74he28yfD1WFah61rxTM0LmHI6NBmtUyUC3dvNO1uj6Rrcf6N7gMGbt4U8mHUGAF879Ef9T1xBUpPfsWjSH7XJ1lrE7cjTosqmk-uAbX13o4gCmFffnySfHAixlo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FSS_PhotoPlusSE.exe

Scan fss_photoplusse.exe - Powered by Reason Core Security