minitool-partrecovery.exe

MiniTool Partition Recovery

MT SOLUTION LTD

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
MiniTool Solution Ltd.   (signed by MT SOLUTION LTD)

Product:
MiniTool Partition Recovery

Description:
MiniTool Partition Recovery Setup

Version:
5.0.0

MD5:
ec927e3e72f6c1a56b67c2db4e36f334

SHA-1:
404681080bd744de0765fa187daac8627cda4625

SHA-256:
86675664f427b4b28a2ebe60644aab74f30b9983c200c0c25ebcffce98150f1f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 9:36:32 AM UTC  (today)

File size:
5 MB (5,200,032 bytes)

Product version:
5.0.0

Copyright:
Copyright (C) 2010 MiniTool Solution Ltd., all rights reserved.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\minitool-partrecovery.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
6/27/2009 3:35:18 AM

Valid to:
6/27/2012 3:35:13 AM

Subject:
E=support@mt-solution.ca, CN=MT SOLUTION LTD, OU=IT, O=MT SOLUTION LTD, L=SURREY, S=BC, C=CA

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001221ECC020D

File PE Metadata
Compilation timestamp:
6/20/1992 3:52:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:Gl991YnGj5Wseob7ATebHDH7qyEBJxaI3AzFRw57xCWAuwM/oNf7Y6qI:W991OGj3D7AibDH7r0Jg857xu/h7PqI

Entry address:
0x9A58

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 6E, 96, FF, FF, E8, 75, A8, FF, FF, E8, A0, CA, FF, FF, E8, E7, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 0B, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D4, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, AC, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 1F, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9379

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file minitool-partrecovery.exe has been seen being distributed by the following 30 URLs.

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_br&type=PROGRAM&Expires=1474467503&Signature=dlySc-idXIaf0XfeXANNwiQhz0KplJULO4LineVwc4UbmsTrdQGaHRwpqMYC6-MbVvXrsfYvlSU6TKd4r9T8se5fQ9jv3Rbz4ywPvaWNEG1O9nQa7ss-MsSbssDV-tbaaLcHoPACf3LAesMJOzaosGqJEJbCN4ECr4uH-ftM2w0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_br&type=PROGRAM&Expires=1476597608&Signature=PlLRutGkS86nTz448M8KbaEkxIw8ueW~n3p3qhfP9lzo8ztM7J~kaTF4~3Vc7awGhKvkCPydPx5Ywv97kjIIduk-Jhznyho67Lt2TzhR2ihB-VDp4-W1hpl~KmDWwTANfi71IlmBF80Ayx6kM9156c1u8Zxl1RyiL61NZinKt2k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_br&type=PROGRAM&Expires=1468305454&Signature=AmZ-t~MT4vpL0LtTdrXiGkr5a7N4YBhjnphJib88pbhSC7xrIAitTpHy6o93Jn0Jlu5G7mj7vRbCRfPEYkeGHdz0YGCbOvlKEaz1saMsjzOF8Ba4mcBSrdsXXboRW1LjGS21vknVbRux1xUxaa~PzJCwilCivCpSr7iGdm68r3Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://minitool-partition-recovery.software.informer.com/.../

http://www.downloads.techradar.com/direct/resolve/.../199efa21e24f1d77491d1a96d5ddd7e1__MTQ3NDgzMDQ5OA==

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_br&type=PROGRAM&Expires=1474874217&Signature=FYRB6oaF1MObLEVhfnKg5gwAvaPmyRZViqjT1sfd-OJ9qtCM98jYJnqWcxDIQqqySgjgZzBT9rzJ6aW1ZQOs07Od9udJXU~lTyUMlsmlVvUTjwR8xXbFoiLxCC1zRUCnE3QA0T1kbRRr-ScM~lbnYsN0jxs7LRnhQptACZbkpAc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://dc771.4shared.com/download/.../minitool-partrecovery.exe

http://ec.ccm2.net/br.ccm.net/download/.../minitool-partrecovery-5.0.exe

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_en&type=PROGRAM&Expires=1478400281&Signature=am-GvZuwuLQgdb7uwng-WW~23nW93MuJKY5C-N62cH6BGELJO7b8CE-P6hRouyNRmCaqUBSftlXvOrbojA-Vvb5eObakV3kQd6g4dhRBwE7zQC4SwZle3dmU0U5gCfyRqPIarcK9UfLHCN7FiLuWS6JyfpCINjrIEiT13HTVFi4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://lb.cdn.m6web.fr/d/c/a/324fedf112f44e55680b5f3c1b1ce9d7/568915a5/soft/.../minitool-partition-recovery_5-0_en_324322.exe

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_br&type=PROGRAM&Expires=1473661200&Signature=URteV~cMwPgMl8K4OkoJWr0uPKsjuaoChwQy83ROZhUUYKtdT5hgk1ylLK1Easwc-COXMIZ9QHh38cb9QQai3dvwiUIaeT0iD9XBM7JI73twmn5B6uLrXfyDQg~ZNMWZykLZLnCErT8m8JjFD-aCZ66uA0nOsBgXWXktsuYL2NI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://download.softpedia.com/dl/c713e979951e92502a60946184993108/57d579ca/100160884/software/.../minitool-partrecovery.exe

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_br&type=PROGRAM&Expires=1479425487&Signature=Zy6GhkxctreD782ZiShL9iCs7zWKou-uEJ1Y2UO1huTcLMBC06Py9NXVyqyk5lslUbt8QFgH2dA8DO~GRmRjUFYQ24z4U3dEZFuanEmJ0Ev3QfQxZ8WP1XQ5sgYem4fy4NcsxJj~JlLAUlgviVDJIwQPXHreAxAHc4olr4Rn9PY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

http://lb.cdn.m6web.fr/d/c/a/99faad31d82589c713d7d5b337b13b54/57fcba2d/soft/.../minitool-partition-recovery_5-0_en_324322.exe

http://ec.ccm2.net/www.commentcamarche.net/download/.../minitool-partrecovery_5.0.exe

http://gsf-cf.softonic.com/404/681/.../file?SD_used=0&channel=WEB&fdh=no&id_file=97510&instance=softonic_es&type=PROGRAM&Expires=1470848013&Signature=baXZEcivtZcA7IDFeLz-N~JYp08YZuswMp6rfc5Ypy3NWWKToNDWLBX~4jMIVLg-wV5hSkK3gwt8JxrSMjV6TLxyC2wqaqPTXwMdAKzL0TSfdct1w0Pp-l4E6IDCwqlVxwY5ZhaAq1Z3IDHp1sarLAN4LTAW06Uv85CHG8jTzSs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=minitool-partrecovery.exe

Latest 30 of 30 download URLs

Scan minitool-partrecovery.exe - Powered by Reason Core Security