home

pingus-0.7.2.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
2fb998fbfc600d974102253314eb2e8c

SHA-1:
78532ea120af0d68fb60d7ac8bceb36d335e3f83

SHA-256:
a50bcc868355643410e9bbfb6de308ac72f610a6364a1371b4cfb97a75130a81

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/26/2024 10:59:21 PM UTC  (today)

Scan engine
Detection
Engine version

F-Prot
W32/MalwareF.KJBK
v6.4.7.1.166

File size:
12.8 MB (13,388,156 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\pingus-0.7.2.exe

File PE Metadata
Compilation timestamp:
9/29/2007 2:50:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:LJ8CmQyWZelykSPuS5t0sRcAPqGvOxPO63QuLWi+gAi:pxODzS5tr6APxa3QuLWiP7

Entry address:
0x30F3

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, C8, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, D8, EC, 42, 00, E8, D4, 2A, 00, 00, A3, 24, EC, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 40, 90, 42, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, 20, E4, 42, 00, E8, 8B, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 79, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file pingus-0.7.2.exe has been seen being distributed by the following 16 URLs.

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_es&type=PROGRAM&Expires=1423720315&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=FWdbDa--Bqo0P2JK4VHsErjRvZQKTFdkCRvRm2oiAqe5kVSK9f~chdZDLbVaywtpqVP1gHbD1wBSIlzK2wmWzHcS8FtjkzPqW7fwnD8zD0fsXbvW3MZ1MknbedtDZM0-4aG45X2d-gMnNLHasG9hlvfy4dltg7WojKx~HHBpFrk_&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_de&type=PROGRAM&Expires=1476073002&Signature=MKmnGICr0dKRp59YDwQT0H51I13Vrrcj-gTgWbqDN7UxWANu806bOc9R977o6z94-1MZyvsxrteuXhYOFsWGs4AyX1e~hhWNMZTf59S6w-yBU50YmUDql1zn4iwUhxmSB9HGMz5jokLoysFbIPu~FYx62XpqCI7O9KUWmFXT1cI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_en&type=PROGRAM&Expires=1473291667&Signature=KiypWf7Wlk8oeO4ToXQCVXuZwF7udW~ldD7PYwMfrKQ-VhC4D--jozOuHHy9b-ssOGoUfZCpt7J4OH8Nl~k-evjtHQ00p6rP9luwPTKPI1WblowdyZ~SG7AH39cuM0L3zTSqaddh2kW2W6w2978aCPAhWUZYfo2-RX~zEdUam8s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_es&type=PROGRAM&Expires=1476169258&Signature=R90dhz6Ugn5olMJQkUJpoRMA-lA0ViVINBVMy5tyBrrH2ObGJ7Z6rQSHM1I1fqzzCuYD~vLQ9eKg8wngpBi7nHW8mG1b~7HejSODzhvbwzS-0nA4RUHftRnNToiWXgCnaETtUCGn3l0AKNSs1elKS2Wd8Yqj-wN36yJLZwgS3VA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_en&type=PROGRAM&Expires=1470790148&Signature=GLZl0grHkAOjD2r3GrLx~GvRLeUuFVJIk5ucE-zzouOc7ZoBcxbxiW2~J91uGCwhnFvLNwtIGyvbZ-qRhF~-O~n7FRnWkJC07sK6zUlwwr2wGNGmZMQPUPG2pMjSZiUGhabhPxhhzya3gJjzhlB77H4P~3iOWbHSFBomaXyEOOs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_en&type=PROGRAM&Expires=1439182082&Signature=KpFw-uoz0N1r6L4MbmzguJanw8w2ZQ71AMRON~23WLonTtjvTtNAv0S5tqVgp19oJy1mbxrQlhLRH-vBEgXBpCn531aElorz89D8PtE1~vxHTz5KBIuh824X5XV05vXQkjBIN18uDYDycCltQnqaE3plIRdTz5MXw1AvzrJH9AA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_en&type=PROGRAM&Expires=1441517983&Signature=X0upr3VoHYPxAbwYuC7A6V-iQrBBIR67dzTvrssI5Ryei4HrVEYpkRDRDe694PISs6a~YqVlYa07DZbQIXecsBfjIvTB0DCDJ3Xg5aEVcLK71tnZznvjFU2FLinaxQWrwnTBRyuin-COsAlSFFvbuysIGZYy5ZnWh8ekGK0hCiw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://dl.download-free-games.com/files/.../pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_es&type=PROGRAM&Expires=1425975179&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=QhDbP-ugQO-V4d38JJ8ECy9qRIcxmoovD1uFInPf2Yph6C1i20zrHm4fkGoUN2vJC7ELZkBmKQFs58dFk8bkKYrFTI-TxXR-btM5DkBC3D8wsWublgDjM6Ic4Ub~luLEX4JF9HbvCRiq2mfI3VhDfvSE17imLj2svLHfcLJ1tf0_&filename=pingus-0.7.2.exe

http://pingus.en.softonic.com/download-tracker?th=1/.../n2bnZHxDOxPTD5og9qeZ3RC4=

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_pl&type=PROGRAM&Expires=1459198516&Signature=PnjDJsF5HOMb8HY~taXSH5RYovMJuw-Kw89GJW5LPMT0Th6DmPGyxeitYSxoEh~UoPVVsnMjou2p4Pon8muPSAz5qTPiBsKQS0X65QGJHak5wY7hl~21CrJ3AT7YL1p5V~hOj3HNwYYQIko2kp9muaHUHWebbri-FRUWiQBgsog_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://pingus.softonic.com/.../trmsvRChbxdrflJq3ZIylWsXfmbmYGwgWnzQBmkAP uXSl KjyGEAisgWreTuFDFKuVEkNTBGKZAIYdbosUVhURjNHRmhj1UdxCaJ7IXHQnY vD4vY8a4yA2647ADj7KwpTngtE7XoS0MgslSguEKwk=

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_en&type=PROGRAM&Expires=1453106663&Signature=RmXMbXOy5F~hZ1oWlxg7bJbjPOv9XRebL2f2krtdCreKcFUaBEOXL1eayaKsPKfA2HUwhX5FSzgQkvETjRl2vr0JV2A3V3YoAxnhFHquTPMysrlRv~HZMZmPfXgMEEX2SwKHd~vjCIaIpqBjphSfJ92EXaIKCAz6jp20Xl5dtQk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_es&type=PROGRAM&Expires=1446990069&Signature=fJQK4ddQEpb31D9emUL9ysY3HwhrzN2j2So5MVf6kzIXbG4lKwPwgeqH1tX2ZGY-HmQxCfjd1WfwB7wAT9thQ9DEiM8~yVHR9AXmUUvzPf6YEzpDeBFNQrzS6m7LpcfKffkdqe7Gs-GwVPd0PfFAdg3EwIZAMOw6nj~U4c1DXso_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_es&type=PROGRAM&Expires=1453105071&Signature=d3dIMAB6vzrjH2SoBFSexZpYyTlg9Y67NQBXX7qfcsPXfItvLhNxLx9HKkclwVkMV4ExyzGYBFZr9846CwphyWI6eJps75tBdATaef70v2aObUKYV-A~gclbcCsXCH0iO0WikxnC73SSqRGesasdJ4tPO49UemSqnEk70fm4fjQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=pingus-0.7.2.exe

http://gsf-cf.softonic.com/785/32e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64990&instance=softonic_en&type=PROGRAM&Expires=1431170238&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Cv9ecmfFD8s4EX25oqfhW4aUfL1cQ-7RQWuQkUTwxqUDk3mEXjLGi8gvEc80-WbxoewIS8pMzMmQk3wqEOei~fyNdH7UXyamHiZPUIxGZKwgfecR~OEj65Obu7MH8JhGNR9DWqFg83wVVtJ3H2FR9ThY6dmfDpXzTLbEGys6k6o_&filename=pingus-0.7.2.exe

Scan pingus-0.7.2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.