home

online_installer.exe

Beijing Beijiashidai Technology Co., Ltd

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Beijing Beijiashidai Technology Co., Ltd  (signed and verified)

MD5:
66e436212b40d1a7cec097da84db718b

SHA-1:
89a33d9aa6154d894768170f7c56b4c1fe4608b0

SHA-256:
5fde1ae05dcc9966af4385d6a17f1a39bee0727a5847ea91b880fd796d2ae9b0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 9:48:47 AM UTC  (today)

File size:
1.1 MB (1,122,784 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\online_installer.exe

Digital Signature
Signed by:
Beijing Beijiashidai Technology Co., Ltd

Authority:
VeriSign, Inc.

Valid from:
5/30/2011 2:00:00 AM

Valid to:
5/30/2014 1:59:59 AM

Subject:
CN="Beijing Beijiashidai Technology Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Beijiashidai Technology Co., Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
66C31366A47FF16D4B8E913540AC361B

File PE Metadata
Compilation timestamp:
8/21/2012 11:33:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:y4tWlRfWq+IccmM0MknnSwEPYWXYBGAj0Xkdbm1MCJGJBiFOdDhmC/8hG+Uqgcv/:ykWlRuq+Pc4MknSwwhQgMmmt/4G+UqF

Entry address:
0x1088A

Entry point:
E8, 33, 53, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 68, 87, 42, 00, 89, 0D, 64, 87, 42, 00, 89, 15, 60, 87, 42, 00, 89, 1D, 5C, 87, 42, 00, 89, 35, 58, 87, 42, 00, 89, 3D, 54, 87, 42, 00, 66, 8C, 15, 80, 87, 42, 00, 66, 8C, 0D, 74, 87, 42, 00, 66, 8C, 1D, 50, 87, 42, 00, 66, 8C, 05, 4C, 87, 42, 00, 66, 8C, 25, 48, 87, 42, 00, 66, 8C, 2D, 44, 87, 42, 00, 9C, 8F, 05, 78, 87, 42, 00, 8B, 45, 00, A3, 6C, 87, 42, 00, 8B, 45, 04, A3, 70, 87, 42, 00, 8D, 45, 08, A3, 7C, 87, 42...
 
[+]

Code size:
128 KB (131,072 bytes)

The file online_installer.exe has been seen being distributed by the following 46 URLs.

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1477108156&Signature=HBNI5myfUur6iy~u3aS9ru6zgBHWwdFH5oVUxP9NO7KfHUcsUFvmpuJT1i~~Ybs5LKODBgIyWcoqoJLPuGHDXvYwcsvmx4lYiH6wTrYd3BRm6FExWpRLNBa8mvh5tK-3VmaAVTysGJnL05nqbwmAdbJKqTin0NlEh9dbuaDq4d0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1474850116&Signature=btqDFIT6QasDcM9JXyDfJP7hKDOR~juYPPaEFBZkSsQNt03~-XbauRlNpp306q2qS1auYIIIy5nSdjExLQ8uMbodWQwaif6dAy7TX3thX7fS89os5kehIfDEaRuzlkADrUWco6kpime1W1EK9m1dX4GcAcE3rsryBsTBg5CYjXg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1469606709&Signature=RoYUMkwUyVgY0~49VwOxsrHh4lvAlUhJnq2nfJuibdkedy2j-DxQz6mdGNBylCkFSjmro3gN-A~Mhtone9J-fJLbi6ZF-oRedwXWJtETVQpPjbqX~ZjkMdlH7TQ8QuoUmoRcn~mS0ug~YNE7ll15S61sPxZkdswhIX~84sASvXU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1453645841&Signature=gsaMEX0zvSXA3VLsG2hRqqjMu2njkN6vALefPWem3UUdoyqGj4gxbt60a-AdwxY8Ohl5kvIF-G0kE1xxBiDvYG86hKxwy7q-THGR4gXnoyvqfyrRbI6T--j7uWJf4KCqAjibvbDpP-OuvaVEX0PW3WxS8ibunMmUclUJxSKGb80_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1475850999&Signature=L-BUJdV0rg87DIqhc40kbKxpmkuNxca8fxTthCfJPRl--oLNVHrVpPIDEeajb3UjlUh4~sLoJ38LtFAgBHcuVoOYrhq-slME7qy9kC1tIbs4AVUBDFJv9bp3CYhTFxdpkw4A7Y5HqtTPGwskrpGQiVcB7pMssB2cLjYrGim26BM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1475378638&Signature=ED8JurfDjhGtUPQl6JIPnhFUl1Fsw6uzJjhyb5ShJhiKscERLXcsvbJAlV5iG~9OViSt883~tr6KG8LIMMIBgDKTFI8DURSLVZIbHuYf24-Liw33wjhB5KnUIHCgfVE9hws7JoQXtb8~Jn5NgcxCPLie6NKR25iuT5cXb6KM2-Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://www.destonic.com/.../CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1478696963&Signature=gAqAFrA3A33EJJF-CSaoYecFG~OJ5QzF54eB4QdSZGj3-8S9geYgWpZAx~bxlh-Q6333zX3QIzdDufg5ACwkxKHu3MzlQ~nzN1H6oUBR7cbntbHNR5dGpB-6p1gnv8OqP2q7dz3sgx3dPoY3mIvYVy11ZdOXocOFVXDcam9JV5g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1463208695&Signature=FoKXQK2O1JiqIzw75iVZsQbR0gkswtQF7TtbigkeNx5ZRfzS-p1KRl1HkBcIz-4WHugoYICKs-YOp6MgGNmrvK~RrqocXcMpniUyhbsyW2mZOwJiH8mExtJaFxMhDVMZcsjv7wxpaIu~cToUzuft0PF43~vWu0EzzmTL3srTAIM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1477537482&Signature=PLwpu1yopS7U-oCLFmgiJG1C4P~YJdTQ9fBGUAgprfwFK0IwL8H1QemeSBkfBg0G2Q0gzHtxymraf9imTWUyGqIaI66P~gXG0ARoptSqu86OA1yH4NwmuHMTa~L-o~A0K72cipvTxjjNL0r7Xj8hyecE4wuzSivfpMPmiopKfb8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1439841096&Signature=itjDyJwmpJnQSE4OvapFhI3dwJZkMe~gAOduO8eEcaC1cdjhq0AFPzm51uDw99R6oJ4I0r5h~GSjA1ZCpKi5zV9bdLIPh9OLc2s-Xtt-PxbA4qUpSx1oU5VsICzhn5C4KOLFsGbPHA~V88tG3bJkHMuM-ZuI0xxkC9deqaLPMEs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1438737587&Signature=Z-XOdLRqGiJris7hBVM5smQA5AClWGsYyztYiBqEZWH~iKsDbzH41uoLuiqiplaMrTihc82Rfz1l3oU~pG5QKdvFwk3VzcIi1K~RXA~VDJqKskTkhBiTawLZd3xRcR7kTthohOiknFF1JJMjy1I0kqOAkJ9fRqzRHxQezkEAuyA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1477290508&Signature=Rr-NiwbGoUStW3AKb45fGC2clehN8bDgYdzgVBVAdWanauC2dbvi3LOUK2BPp4o3ZV9E-kK1oHmmXHPOB21yZ~pfIcaXq20XIeUywQJZJk4dLvNEtpCJnNXyOzq~ex~WRJd1U5mTPwEp7KDRr5SRDhJQsgn14G3sNexMP1J8BE4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://global-shared-files-lw.softonic.com/89a/33d/.../CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1478059634&Signature=BQtB5Qmsy-nRk64ltGy2SPzklMyTrIayMZJ0L2G~Tu6E4nzhgaWvDYZzIWkDb6d~AMehjogVEc~KiPLTcfJ~UPWNzzJi711UW3a-NXY6zLyAC3Kh46NcUG1LxJKWItt9V3hFRbUl50IgGHMr78y0hZbUUheYOCjjvXzw~6aUxNQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1425788750&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=cKHUX4zGfPCM3Uult2mu1zBpT-GPrRMdRaS73jpfkSvw6vPFITym6cAa1GGoI3-8irj6qfKa1Qjhw~Ze3XxSuNnbK6kbafXLlIlpYPjpr9OeMHtdn67WVIVGUdg0OyN2YbZrRrdVmXjTiBPbQRTXIWvsyzD4d3UTk9TgK5QNGCU_&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1478749972&Signature=NfpnrWwM3sMb17MtA7aYFRwJPH2oj~BoywR7mjSzD5pGLZPrtRpJXpCoOtkkMWxyWDmTBT37kJtwJwTYTLz6tamDGcJg0WGocdmMSSA246F89NE0KDfxck~h7XkivNg9kOpOHLKlViN147IQo4VDPFuSXwjKrkvqZlENHAd7loQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1478328300&Signature=iTuMhRBL66gwSHD5ogZdKfVMbhSEF1g~okaJq~tkfz6kCdXsViAfZG9W~ZnBllco101MilEjGAVaYZLRsBrxKXd6NeePsepPRWr7Y6qhgD5ImhkVa4XbbRQx3IYSDdcy7APWUl7zWRiCkgVOXD7Hcv8MFsHYEVzIfGC6G0L0jWY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1447451865&Signature=W3kumYvlShlFTdAMkTa6N6mWQAdz40EyaOTwiOpjI02CM-9PyizgKRCoKR62KgE8LEF~g2hgr7SxUoSDveLUkh~Y4QzTduMPzXO6mPWxIkul5fthxpoSSBnI-ORbu~omXSSDzydBhnLJ6HBun2soaSYJocTNcpKyjrGvvChFkzo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1479272815&Signature=Bky1Y6N6s4n3whDUEj2UGiMl5ZmnBdXUGxt0PkSBG5RGAKuci28ZnftBUdRC9dlmzydsrt7O~WbUiyqW-81D-E1qm9-aMXxYsNWfjOdBKEH4JIg91cP9c~QGPPmuto4Cfrc1j1ufKey58heK9T-h70yBkFvDpS~EIRI9bs0EZGA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1469702180&Signature=eDovILA0mywPCEXO~QzrW03nndxzNFXeOMsbkzcXlr92WdS1IDo6QlgAbDAgHvdNdLc8TixY0foyrBo4zw3iOkIS7xJYLnyBf5f2nDvCKZ15ASkWvsS7-3R8Z63or6imXGQA-1D-tsojmY6~hwD4~tAfunBR0hhW5H2Z8kvrye4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_fr&type=PROGRAM&Expires=1439021901&Signature=JW5TUef9HMT2BD8vlxYwx1eTmYca6Oh~n-p1wE3OE8uueWho8BrTgUBM0IEOCSCRYFN99HMOzKZ7~wXMMm-jtnrxRbODVnznMircIJHm5OE1kCNLLiZFsUt~mkkzBdErOkzu3JCp9u22Kih7HOci0I88EwIEYbiox7L4KzbGfbI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1438521044&Signature=QSz-CDLpPPJwDnfs8HLLMJ0fjok2bFRU0EMohfd55ZA5a7aYPlu5tpi-aje9UdTYKv0aB-FSYLdmayQzv-U9VVNTbE3AGz~Ub8AC6wn14lspZrV1jFbvh1-Jb6-JchnocbvWFLvyna4U~gzz5L6dc7lxOCxq4KBafLoYbAbZgdE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://down01.waxoo.com/descargando/024/55/coolnovo/.../coolnovo.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1465787712&Signature=FNpedoDDNnHl0d6XhJnniCfcyhmgCPVvHjGrqPl3lJZ01k~unQHXC8vGCk5IRqNAb8IIjGgrqc63EyIMP3lkVHgw3mzfE8RKehgHURM8cyIh5KnRw7TIk~Srpk-M6Emoz2qldLJ6Md92TE21cK3HNtPiMByLYVgFRN8TriZRLVg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1423525672&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=F8nU4RGyUp~r~jJsvll612m-CdK3~sbxScDuOHGGyF1z7y0Lp~4uh8YwlGkdjX~tIKjHRPZ3DJtKLsYwip4UAfRh85h9p~TeaJ5hIAS9asBcZ5Li1z3XcnlShRZScoUF56GBRFHutfRH5KshyB5IvUY8gPVqTpx5iWp1NCG9UP8_&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1429846503&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=QQ4yDgfrZ8xydagd-zOuIXxLBzFPB9cOXmGcTUhzhrTpqri7bVilat5QPwmkGN97lY2y-x6hItRYMM-dMVsAw7WoyV1wa8zNbMfUu1xFRylJFV7y26tjhXvJsyREja9m6fvF72OoVrOdrPdoyidhmRvz9HQhMSIGQ5GbDwL~l5o_&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1434840987&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Te8F1e3u2GbFEaLYWu~cXfBENxoNN4B2wD4d-kFTiP-9B0Pn4f3OMBYEs58BBXkflSszzSRheofuiKBUlspmWG2rIgECxwvjNm5~XMt6054rQEHsxw3afL7KmJPS7mpnTHR1UwdxAZfsdNcnWc1m4oPQb~0klTlGmM1RWRbsZ3M_&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_es&type=PROGRAM&Expires=1438629391&Signature=BE3Dw0P4ddie4QvQAqWvQRXTCHbjH2BiY-dkC6EtE-My5SVHNWNU4EdhmSh9KmG497tpCm~v9IuqFzQVgCZLxLQob2ieqecly-WQnpwsAMr9cgg7RqBtwKVPne4bE~a-XubiWQuPog3LkJPFe62FX0OWAYGuo1cP~DwrGT0tFjQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

http://gsf-cf.softonic.com/89a/33d/.../file?SD_used=0&channel=WEB&fdh=yes&id_file=86581&instance=softonic_en&type=PROGRAM&Expires=1439943052&Signature=N7rEUmCZaJb-TrKUz7sDfraZm7Yw-CmpyyocD~eOw1EASTD318AoQSKo39ysy7im8MqqnIzoEC9uu0mH72hLHh5nTGyOFMCS28Npk8mEqmEBH46l4bgjWUEG8IMaJRKSFMGUhrNyAkAugiG3yOO6j1Cr1HmSfnQiBYPTzww8A8g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CoolNovo_Setup.exe

Latest 30 of 46 download URLs

Scan online_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.