ftsetup1_00.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
b01254db56dd39950bc7d9ea5d0571a7

SHA-1:
0ba54e69d8f15c02af136419ea50cc621b143c25

SHA-256:
e9f6e3f445c30e37322918d1da7262e6a73d1374a08b118cd7e7227bfe0ce4be

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 5:02:20 PM UTC  (today)

File size:
11.7 MB (12,218,334 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
2/7/2004 8:26:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:yllra7Zxfd7ZvuChDjn2FcaoaLW9w7WqFWIDWh5GrigPlOVDOLQox/F6:yllra7Ld7ZvuiI1Ew7WqFDGUri4liDOM

Entry address:
0x3F88

Entry point:
83, EC, 0C, 53, 55, 56, 57, C7, 44, 24, 10, 70, 92, 40, 00, 33, DB, C6, 44, 24, 14, 20, FF, 15, 2C, 70, 40, 00, 53, FF, 15, 84, 72, 40, 00, BE, 00, 54, 43, 00, BF, 00, 04, 00, 00, 56, 57, A3, A8, EC, 42, 00, FF, 15, C4, 70, 40, 00, E8, 8D, FF, FF, FF, 8B, 2D, 90, 70, 40, 00, 85, C0, 75, 21, 68, FB, 03, 00, 00, 56, FF, 15, 5C, 71, 40, 00, 68, 68, 92, 40, 00, 56, FF, D5, E8, 6A, FF, FF, FF, 85, C0, 0F, 84, 57, 01, 00, 00, BE, 20, E4, 42, 00, 56, FF, 15, 68, 70, 40, 00, 68, 5C, 92, 40, 00, 56, E8, 9C, 28, 00...
 
[+]

Entropy:
7.9990  (probably packed)

Code size:
23 KB (23,552 bytes)

The file ftsetup1_00.exe has been seen being distributed by the following 17 URLs.

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1485458742&Signature=JA9xApGka36SOWZVxbUf6Y9GSb~xM-X~dE8V07JRLKvlcwnScHJsUe0v1VCyDKC-qWGRpALXW~sA-J6-zfN-cgdJeW~vA1cysB96vjSwdZMT41OrB6sMy1ohCXs7HAwZMlHtL3TjASMq097pK6Uvc3nAMkzIH9XMBYPWtumfduc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1450141492&Signature=BwISEykhmmb9g9xwvYHgRg~rI3hyO5a~cPwswWMm0PjtUpcFcSdmUkDHCM9WRER2xeBNFQP7-TMt00UoM9tBwkAJKNrBm82CrPHdt6iBR-9jJJDiPhjJj8bEqtUcThv3SUswu4-8i-Md9cLM3WrR2UXRYlTyCSqXH6bQm7QUnSM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://fish-tycoon.software.informer.com/.../

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1475055181&Signature=LqSE2-wLVzGJUTpXsILl88zC4FBeHFpXIuJ8XJKTLkzVYgOccsckanqjm3DVJJI8Gd6Br1BMn~m5YQZpKsG8H2pJ9RgBxGx6wsO~46B2nZwk8gZHR1mdF~Z9XnCmLToRUK9CZ~GN1964X556~kcDvMIGNvW9KmMWoYrhFaztKs8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1478533907&Signature=KN-oBM9~AVyVLsrR54iY7YTbwfh~mDPVtIZuKmGG7tL2VU5N9ESwIRBWZwEsIknfrkWepY7TUNJKC1AtZSuIZznd2IYQ7iLnZ-cWIFKVjR85j3tyxWmNiY6jUGLSktMhXrqtF4PfZsFZycb8~s3P03BFPro~WXg19Enlh1zOUWU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

https://fish-tycoon.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOVfKRBTMOd68OupUg76dETPYomnEY9qgn84lwyg17rVdOnJiTbv2vJ0ip0EHg2MA6dXRN67AbrBBu2OD00b6uf/.../F7X6dDahfYAgjNueH8g35oFvkGvS5LA06xBC75FR3inLZ5B0w TZXdxSFy7RMMkSIU6gp5pRfA==

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1478985497&Signature=C6GCKKqYiLX0I9FgePNF3a3UrfnIqaq6cMmSF3eofOT9BEQ2WYvhXFF5eWMboKAQjRrLqmW6~unOggbuxLY-ioy7CRsnk9zaUbMOfCfcb9ygF0OpOzIjc-972CgN5q2q8blW7WeOJpIjHU1-4TAD3ST1LP-Yqz-V-qSdOMDPf7g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1479897314&Signature=JvfAe49njRLb6A5AhZMrpGUWRJLNMSm8adkoUhJfBBy6HenrjlINnjhn0Sx3r8u5IWqa7ihVWluTyMzG2qi6ySpP576qK4jo6UKOFnIhdA~yWT4GI-sqslbJ8p3AZgNPIRIVfCGHNtw5Zvd78fz6UjBEkRmwRaj2hdOyjRRlmlA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_en&type=PROGRAM&Expires=1466523499&Signature=RMSAcrlXCIVKo69-nXVtgJUd5Ls~QuXb5KV0hAVOAQNuBMMN0iaeDQ46BM6HrLVBIcGRt4KVgDxR2wzV5~7D3qEdsdViOHH79coDdWetCn8ECfsNQxedwAsMPw00uZ2DUlCMISURHTAP1TCd7Zi9vuyCnfq-oaWq6IxPS1dUKCE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_es&type=PROGRAM&Expires=1472154340&Signature=QDEs~nAqsAtcqyDTyJ7cMyUwwrA1RpFz4BSJxcd9gJRRct~sqo7cKJLmyxUlWIkZsL4i1whv6R9cDqyDP9qJiYkL4D9vdaTg-z9NmnzKuZNuR9iWacxvOEU1HLbo9PQDI2hRpYROVcMg0Tz5Bk2pA0h8CVZtrOVhwZeaqBqVwQM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=FTsetup1_00.exe

http://gsf-cf.softonic.com/0ba/54e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=53438&instance=softonic_es&type=PROGRAM&Expires=1433141859&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=imiiJHHbkOl8uhMWBRfnVJVw2331Y1WH-8nOIJftMTbDUcfpvjw0-X3lxJRg5inTB7S26BlWRg-WxvkEMpt-BppkeeBZtLfTqBwGs95II4kRmZld77Y3TiNfRz--OAHQVpyMiaOlhzr7fdzim9WnXMTG0Vc-D1o3UCelaz72wIA_&filename=FTsetup1_00.exe

Scan ftsetup1_00.exe - Powered by Reason Core Security