home

print2flashsetup-v4.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
6665ab9f19bb05eefe0c5bae45e82b71

SHA-1:
5f9bf73aa3105ba4f9d462dd217c8ce7271106c1

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/27/2024 7:43:56 AM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan-Ransomer.BUM
t3scan.1.9.5.0

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.151222

File size:
28.5 MB (29,863,936 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
8/15/2015 1:12:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:s7IO3uPSwUq1hLZGg5d2meKG9BLe922A1me:ssO3+SwlLJd2meKdY2ome

Entry address:
0x14BE

Entry point:
E8, 9D, 10, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, 60, 10, 41, 00, 75, 02, F3, C3, E9, 2A, 18, 00, 00, 55, 8B, EC, 83, 7D, 10, 0A, 8B, 45, 08, 56, 75, 0A, 85, C0, 79, 06, 6A, 01, 6A, 0A, EB, 05, 6A, 00, FF, 75, 10, 8B, 75, 0C, 56, 50, E8, 05, 00, 00, 00, 8B, C6, 5E, 5D, C3, 55, 8B, EC, 83, 7D, 14, 00, 8B, 4D, 08, 53, 56, 8B, 75, 0C, 57, 74, 0B, 6A, 2D, 58, 66, 89, 06, 83, C6, 02, F7, D9, 6A, 02, 8B, FE, 5B, 8B, C1, 33, D2, F7, 75, 10, 8B, C8, 8D, 42, 57, 83, FA, 09, 77, 03, 8D, 42, 30, 66, 89, 06, 03, F3, 85...
 
[+]

Entropy:
7.9974  (probably packed)

Code size:
41 KB (41,984 bytes)

The file print2flashsetup-v4.exe has been seen being distributed by the following 4 URLs.

http://gsf-cf.softonic.com/5f9/bf7/.../print2flashsetup.exe

http://print2flash.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWvK70YmPi91jOyzJvngz57LcOvxXCN3tSozxehIgEZmVBUMhJqSNZKRR1s8D5HH36sLHzKWhVACHBB4z7HK8aTK0GF/.../L9w=

http://shareme.com/go/2079/.../

http://print2flash.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOXcWk/.../7BxXuZjFDhQ9se21tQpx7z9Uc2isbCSLPEW5cHTXodmU4TOaFtcM1zUspB PijAxMyuy7Q3PUCI2gFDEOWxPcKgwXjOhEhEiiLq0aV18KZslSDMg=

Scan print2flashsetup-v4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.