home

jcrea500_setup.exe

Xinox Software

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Xinox Software

Description:
JCreator LE Setup

MD5:
8d0234c76ebfab5bb730518db735ea42

SHA-1:
fe9d541089e284651ff17e6a5f88545e594afd5b

SHA-256:
af89e5c1df4ff2d81a79c81d20012fa386cbaa10fb8f4ef07b8a1f4ef98a0ba3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 4:33:25 PM UTC  (today)

File size:
5.9 MB (6,219,333 bytes)

Copyright:
Copyright © Xinox Software 2000-2010

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\jcrea500_setup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:M/+xvPwPc4r07JaZojgvPT5ZQw8A8Fenpdjnse4KvRV5ldeTszGU87ocKtr/6Kmn:T9QI7J+j5h51Pt4Kb5ldlaDVKAxbL

Entry address:
0x9A54

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 72, 96, FF, FF, E8, 79, A8, FF, FF, E8, A4, CA, FF, FF, E8, EB, CA, FF, FF, E8, 12, F3, FF, FF, E8, 79, F4, FF, FF, 33, C0, 55, 68, 02, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, CB, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 06, FA, FF, FF, 8D, 55, F0, 33, C0, E8, B0, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 23, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9992

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file jcrea500_setup.exe has been seen being distributed by the following 16 URLs.

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1484092853&Signature=AHwjOJX6F39rlHJS4hGt42xv6k-ioIPQS5ThrZ8kJPZJtQgX1yMzmZ3x7xk6xcXloDgje1x7WnBOyCSJEG3-CYNGPPyjW4aDfResOrDuvruSzEiwQmuM9GdShLsaXeLVGBemXN~FgTMaNFOqleP8avKjSbFJiZaudhkwA6g6CzI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://202.29.52.57/~krit/.../jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1479857352&Signature=D~KcWcgO20t7UGfL0JbFDWx6jwpn3aEomwUo0lZTyevrBgCgpQ2cFrhPA9GLXz0O7Xjhfjld282qEzEifHHbIhlQWvUN2fac2Ae9RYpoaIPV2OUmPooho1pCI~sY44MdQutOl3g1KIlH0LsLwUBABVsIVUzktn3RreiJ8hj0TxU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

https://drive.google.com/uc?id=0B2aGZIKdwiduT1Q5WTRRQkxmZ2M&export=download

https://dl.dropboxusercontent.com/content_link/.../file?dl=1

http://www.cs.bilkent.edu.tr/~guvenir/courses/CS101/.../jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1463424908&Signature=UzUDRXKvDGgMQkUv-zZWwFsS3Rpjl5pWANSMOGfpJs-jxbOxKZEUls7BpwWk1Sm8lc6NesfH5f1iHscUcIUqHwjmv3-7v5Q5aSn~UEWxFiolQnqb1puqop~HhAYmxBQ8IFcIUWQmE6RzjjwmVk4jsde5M9c~VLyOCRwVUovr-CQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1454649656&Signature=OqNrx61UugV1S-2TlAdpKE1ylNX05sm~0DlbMGhBIPjHreQa8Pjddfwlqsd25py4YykkhqDa9NOhLjfFSIRwLNvlcz6PBGiWITk9A7F4eLTnUZXx227JKSZDKg8fnaY38u3CH3PQfxs~ILqYLXUPdN7uMwlk9tTvX8cdBDBQK3Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1447736633&Signature=Cm~3V0BS53VbUqnvMO5K5x4sKatFor3bpYx2gJnpzb6MH~7v1nY3oIvCprBy1GNZY4OzZfCWNb1V6~hgtwmbzF~lMHMojFgccERPeRaiQOv0DmXoNUQFOCx5BapFD0dy8~1ZbYwk4zCQNcMcKIkAVGZNLj1B22Oo-Ifl4rcuC08_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1458003485&Signature=IFgoVYlKlal7Euwjw9Yt145KUyAlX6VDgeBjlx-BXuPD8ZQORVmxFFcjkXpyJyTBX-EsBfUARHaaKjbhwnFILe7CtPdVY89zMyFmpI-fn083jYeVR4mRI~6YDjAclbUxjSC4UVPGAYgL6tzygTU91E-LC2JDSbzjdQCyec6yRLM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1451164728&Signature=Qsd9ecabRiWZrRfb2DsFfaWiOrXDRfqP2lGqH~6wQyXzFQJaoyLu~mw6HNSjMgyRHG80PqlHEX9Q38kvBNXf0haZ7ga-DZdhb35ehgotgsIZtNh-QswNw1IOs5VTmB-z6CrOQon9~bWxQUZYrephcDaFQtqJV2p2D5lZpJJY3mI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1449461606&Signature=YlGz4z~tbTCNSJSDScg1gyDNbgc6tzaJNWHCwVurykoeBPj0aLCBvePfRrO4P5uAQ3xY8JE1iaWEQdclQFZZi~m6jGyqUP0WytU2RjgDK-MnV0sokfN6xN7yFuRMH-uXzkndP~EadlswIkYS4Os2FXFsYlq8~MGJX8j4XkGvGvs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://student.guc.edu.eg/intranet/Faculties/Media Engineering Technology/.../jcrea500_setup.exe

http://gsf-cf.softonic.com/fe9/d54/.../file?SD_used=0&channel=WEB&fdh=no&id_file=65813&instance=softonic_en&type=PROGRAM&Expires=1448462456&Signature=Nv8~iONxCLc0KDCjHNnuNqUvYksy300GKqindcCWd-r2cz1UgN~WBj1jjDoZbTVaWLT1phLZYockfduPdhQ8hGd6kceVWdieJgAkqU7E240e3uxbcfIRy~3sutNQhb2MhvWmBV~Dca0XfIZiTDU-HXzZ4~0n-tYamJlL4uanHos_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jcrea500_setup.exe

http://studentlearninghub.friscoisd.org/mod/.../view.php?id=15952

http://www.jcreator.com/.../jcrea500_setup.exe

Scan jcrea500_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.