home

HandySetup_v3.exe

handyCafe Installer

Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti  (signed and verified)

Product:
handyCafe Installer

Version:
3.3.0.0

MD5:
906c3da5c2585fea46ba12ce3755d348

SHA-1:
a76c18515bab387aa3119a800dc93f752fca38c1

SHA-256:
dba053f925f0ff0a983c36f151a3bd7681c2f8391f2c9636371e4bfa1935c911

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:35:23 PM UTC  (today)

File size:
12.7 MB (13,283,744 bytes)

Product version:
3.3

Copyright:
Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti

Trademarks:
Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti

Original file name:
HandySetup_v3.exe

File type:
Executable application (Win32 EXE)

Language:
Turc (Turquie)

Digital Signature
Signed by:
Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti

Authority:
VeriSign, Inc.

Valid from:
3/20/2010 1:00:00 AM

Valid to:
5/5/2011 12:59:59 AM

Subject:
CN="Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Ates Yazilim, Bilgisayar & Internet Teknolojileri Tic Ltd Sti", L=Istanbul, S=Istanbul, C=TR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
699161FB28FC130101F0E538145B1D8B

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:diDOCK54vwduOttNRaEYIjnndO6S/4gq3fdTDBKkpRc/+eaL2u0GGoi6BY9Bu:d2hvwdmE1bdWqvxBKkfcQLTCNo

Entry address:
0xFDE28

Entry point:
55, 8B, EC, 83, C4, F0, 53, 56, B8, 68, D8, 4F, 00, E8, 4A, 92, F0, FF, 8B, 35, 74, A5, 50, 00, 6A, 00, 68, CC, DE, 4F, 00, E8, 20, 9D, F0, FF, 85, C0, 0F, 97, C0, 84, C0, 74, 15, 6A, 30, 68, DC, DE, 4F, 00, 68, E4, DE, 4F, 00, 6A, 00, E8, 6C, 9F, F0, FF, EB, 5B, 8B, 06, E8, EB, 81, FA, FF, 6A, 00, 8B, 06, 8B, 40, 30, 50, E8, D6, A0, F0, FF, 6A, EC, 8B, 06, 8B, 58, 30, 53, E8, 41, 9E, F0, FF, 25, FF, FF, FB, FF, 0D, 80, 00, 00, 00, 50, 6A, EC, 53, E8, 76, A0, F0, FF, 6A, 05, 8B, 06, 8B, 40, 30, 50, E8, A9...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1012 KB (1,036,288 bytes)

The file HandySetup_v3.exe has been seen being distributed by the following 11 URLs.

http://gsf-cf.softonic.com/a76/c18/.../file?SD_used=0&channel=WEB&fdh=no&id_file=48723&instance=softonic_es&type=PROGRAM&Expires=1448784262&Signature=JFkV-bFWZdl8FlRKCRt7KfpqYCmFy3vMM7SZWax5M3WcCVFu3AXQ-QWT5-d1Bo4pD80ngkSPkolEyW2WFBzMEKx2Ekx5E5TFrM3hxKR1NbVOnK4o44mOl05FJcjQdox~9BiNLrsh88olDTHw59EY68J0Sdki-tMJGTj2h0WAHsg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandySetup_v3.exe

http://gsf-cf.softonic.com/a76/c18/.../file?SD_used=0&channel=WEB&fdh=no&id_file=48723&instance=softonic_es&type=PROGRAM&Expires=1473248469&Signature=cHKr7Ob4teyfJnz-lQ2WN-4ZQd1dRq2g4ezzh0LsG1HUJ0xStYxdyjHcvyK84elrFUJDn9rsP0N8Vdlia~h5-SynGxumzFaCdGNHaC3iKzb6y2oN4~KaXXX-1Ou61JIQTa5Hh1LunR-oHBV1CNQkOIsVVpP3Pw75mbxkVh23HSY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandySetup_v3.exe

http://gsf-cf.softonic.com/a76/c18/.../file?SD_used=0&channel=WEB&fdh=no&id_file=48723&instance=softonic_es&type=PROGRAM&Expires=1472962921&Signature=JdS0DBiebKUzyQpplwZaB3BTJqNH81vTmmU6MwGwOdxcQD695EhRgSKx73BObIQAVw-kfbKVDWz05NQt3H1qmsdISKqS4bv1ElQMxY7b1aJ0nGMKK7M0ZTav1wChoQ1BWqUL7KENqQrqrUX-w119OqteZJoreVJPvxJCDWSoqMY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandySetup_v3.exe

http://files.handycafe.com/.../HandySetup_v3.exe

http://files.downloadnow-2.com/s/software/11/45/65/.../HandySetup_v3.exe

http://cdn4.handycafe.com/.../HandySetup_v3.exe

http://gsf-cf.softonic.com/a76/c18/.../file?SD_used=0&channel=WEB&fdh=no&id_file=48723&instance=softonic_es&type=PROGRAM&Expires=1434178204&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=TS1TAhOtzY763qYj~1Iedez3NuJi4DchZTcO0YQCjht9UNpuSG89HxLl8OEG~7H3nk2l91jY5jwOYiU~QLrNI9cfrtXkdpGRZkhcuvtnU~DGyauEmtPsl6gt6nrDQOChhSnFp21pL0eG1qy8LpHDH51CemMVDo1DaxT5hzrixuo_&filename=HandySetup_v3.exe

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-9fKUhBnyJKjAJA63RjMY3ZOQmMQFZP9b0WO9ozrc2UtA_-ns1n8kyQ7lM1VRO4nm-OZtZrw2rULBXQ-scIJXZQ/messages/@.id==AFGvCmoAAFyUVWxoIQhYuCL439I/content/parts/@.id==2/raw?appid=YahooMailNeo&ymreqid=3c220521-f67d-7ddd-01ac-d30016010000&token=EItMe9QVv1Atxw2VKHG9i99mUB-px4Bg1ftzkgAVwBaASam619F9uSkljpyVbiEr-Kd3caxyKuNKrxvk-H_OrQ&error=https://mg.mail.yahoo.com/.../iframemsg?id=4c82fe5c-ab6f-0814-addf-8a4e07985907

http://files.downloadnow.com/s/software/11/45/65/.../HandySetup_v3.exe

http://handycafe-client.software.informer.com/.../

http://software-files-a.cnet.com/s/software/11/45/65/.../HandySetup_v3.exe

Scan HandySetup_v3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.