» licecap123-install.exe
Overview
Analysis
File Details
Downloads (9)

licecap123-install.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

MD5:

84beb54006d63eebe9887d6479b622fd

SHA-1:

cb9a8e9faac7b9c2335fa76664d84b6709ee3e1c

SHA-256:

c487ef212bc712548976f36356b9371f324d93016cbf6e1f5f0fd85e1869a3c7

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/16/2024 1:34:12 PM UTC (today)

File size:

281.2 KB (287,940 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

File PE Metadata

Compilation timestamp:

12/5/2009 5:50:41 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6144:/QqbFSxxISwM5PSVv5Z+Hfo0yI4upgZSy0Krfq:NYxYM5ef+HQ3GNnKrC

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.8734

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file licecap123-install.exe has been seen being distributed by the following 9 URLs.

http://gsf-cf.softonic.com/cb9/a8e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69666813&instance=softonic_en&type=PROGRAM&Expires=1460077783&Signature=HlzOXG-c8KPT8~cNTBGkv2Wqh4WgZz7MCUT0~TAzFDTye3gRdPegjk9PyxvqlwchJHDp51UCETtpSfrJc6DwrbwUK47-w3xP3f8jKSxGGC5D7w91Mp2TwWV83DsXt8Q7NPNMYtr~i-is706ehxxhw12y7~pgo7osvAsriAGFm5g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=licecap123-install.exe

http://gsf-cf.softonic.com/cb9/a8e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69666813&instance=softonic_en&type=PROGRAM&Expires=1456940850&Signature=OnvqWkvo8pQSK41fLLhCa-Yyr3d9~OHTMyRmC-Bqs2AgKpccDiC5EAgpLamzqSrRebyoFX9Ga8s-Dy4D0nd2hmSjHWVao6Mj3vRKHj59MPQ5L8SU6Pluj8cXJmujPiCBi0YCU~kARnyKCUr9FqSZfjgZ7a53jFbbCdQwUMsLRig_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=licecap123-install.exe

https://licecap.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOXcWk/.../7BxXuZjFDhQ9se21tQpx7z9Uc2gxtN8f0fPl KoPBk2h6xniaCVFUok5r4WArNWto0z9lpycN6CHZzU1y1hVEkNDI0QrqhnE5zGGo3BBTipNLXis=

http://gsf-cf.softonic.com/cb9/a8e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69666813&instance=softonic_en&type=PROGRAM&Expires=1474772122&Signature=J0L5ME6tdJXbU56vbfJ5JVBV6UcgCOcfw2v165PPmePUIU2IVvfDRpUnZPviVvbb~tMjHpNbiMfmupxdyPenSJe7d27pdASyGy6Wj7yntZC1Y~Yh7tnegxuWpjvWwrRlHezfwwqJKYQ~~xk0PZPvsq6Mn2IFuc4R0tOGtn6iTqI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=licecap123-install.exe

http://gsf-cf.softonic.com/cb9/a8e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69666813&instance=softonic_br&type=PROGRAM&Expires=1477983674&Signature=M2FIjq0IA7DipT9d6lVcJVkB9Fs9gXE8FaGWWI1pNTqCGRupQrrZir1eCJuRjtOpTMi95WnAM9XWXPtv3X13JvXETNcn8cY5sOhJ7qQzebWMKGmeMDLUFdYfNY6Y9yg~OJXn3o3R4kWinPmyLU-cPtQhBWVW6f6umEp7N99bEjg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=licecap123-install.exe

http://licecap.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOXcWk/.../7BxXuZjFDhQ9se21tQpx7z9Uc2gxtN8f0fPl KoPBk2h6xniaCVFUok5r4WArNWto0z9lpycN6CHZzU1y1hVEkNDI0QrqhnE5zGGo3BBTipNLXis=

http://gsf-cf.softonic.com/cb9/a8e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69666813&instance=softonic_fr&type=PROGRAM&Expires=1463090538&Signature=ULIQwGsgtqc0Wdbus1jiPuqsIM8fpjzuUHdUXQkoVFdQMCOi2loxWi3y3k0NQacsDDKfDJOCLrqxCK0X8aRd9PC81o~ocWb3uyMIsiEwT8sNNw724j2hXprhNM3gl4rDtIdsmxCKbA7fWHmcP4LGpw0LjJ~8cd36UpKLMbCw7VU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=licecap123-install.exe

http://www.cockos.com/.../licecap123-install.exe

http://downloads.pcworld.com/pub/new//.../licecap123-install.exe

Scan licecap123-install.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.