renomear-tudo_20.exe

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Description:
Renomear Tudo 2.0 Setup

MD5:
74fa205450f02220425e4c03f28299f6

SHA-1:
e9342461d825f84c8f1288d690a279184ce3d071

SHA-256:
99512556fd68cace85d82159be1df0944c0fd0084b3b2d4e6e566b3bf256fda1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:03:34 AM UTC  (today)

File size:
1.6 MB (1,692,017 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\renomear-tudo_20.exe

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:wFwUpinnqcpoYEwwKDdjebVawQzGYxxbaBNbnEgE2nJ7La4lN/CM5xTrTb53avff:epi1DEwvp0fAuvbntE2nJ6b4lrv537+

Entry address:
0x9424

Entry point:
55, 8B, EC, 83, C4, B8, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, BC, 89, 45, B8, E8, 9F, 9C, FF, FF, E8, D6, AE, FF, FF, E8, 19, D1, FF, FF, E8, 60, D1, FF, FF, E8, DF, F5, FF, FF, BE, C4, BD, 40, 00, 33, C0, 55, 68, E3, 9A, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 94, 9A, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, EC, FE, FF, FF, E8, 9F, F9, FF, FF, 8D, 55, F0, 33, C0, E8, F9, D4, FF, FF, 8B, 55, F0, B8, B8, BD, 40, 00, E8, 50, 9D, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, B8, BD, 40, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
35 KB (35,840 bytes)

The file renomear-tudo_20.exe has been seen being distributed by the following 16 URLs.

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1472863051&Signature=UOtJo-woqRui9cNCqv-40Qfnewz5KTv7KcIumnmSQbhm-XS~tX0BK4tHwIyzkYNHeMO2qElI4Ny-E~zRIhpoiRAdmipYnkzBFXbX9YV6wnzqJ4Uf9JQWi6x9zYPUL5IC7eN74Tuq8rLM7QTWaZ14UBNlL~sZWKrw6UkRsgNjgR4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1485146464&Signature=ca27u6UpDgp1lE4477skzV4U7zrlw7sC2muqxEQxiNK-HE0yHnoaPfenDlejA05OQtaUdo6zmnCRgf2OL9~IJhOpnVFSCWS2H6H8eOsP-TIs3jWeXXJqm6OnzAl3xs6a0Ue3qQkBfPkFPcN-YEZYaNK8OB0~D7BnhRCzJEMVtKk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1480846987&Signature=SVTBZkUBaw3P5swMnG~QgZu1DKHeSJA6VEJD-Kff2NfgyvQQwXhQ6InVX-9z4CcsnoBrjxIUp8jJrE8p113G3rbiBBl4HwwKMKMDaOWzLmTmijd3P-2TgV~4x81QZtriqHzII8QpfnMNQnLp979JpxYif1FLnSKanZXp4jKECWs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1476440058&Signature=ho12KkfadpuFRDD~YutyXgE7vsJwQCPcoM1dPys3qG2unu2Mgh~N2xk-dyrEUlx-FWjbNparX8uG~IZTCtEheihL7nBmvb1JpB-JRpixNU7RTbOGATZAATLCycYqRsy~7sJs3QFrZAncQdpaO96yyf2UKOKSoSL4hfjDbCZ~1N4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1481785156&Signature=epl9UkKyAnzGHAmzqKPUlE2UsJqOX2R0~vWX9sMmHT7ucF-I2ESBoeYBFXqMlq00QrvKVMhRPXiZEDWX74iQi5cygWV-mehhgDmcenlOOGkWtv1V5FGIQ7qeGcyq1AGWLbKd4VzI11HyDbGlLHDl-6OUiB-9i98IGGmW1RR4VB0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1469232042&Signature=F4BeGIgGu~uiWU7Q1piekFS476lcwnjhJrKdFOLYwemtRUwiFZzdcFZvVXm5gsucUcxcoGHSk0WTSpmmNS9CT2peolzzdeieSwVXaOO2XRf5L~874b5xGHjSPos~HazR9zRD6UmGtQKupi73ytmSbDpzpWg2Zl0qkF5Br0Ua7Mg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

http://download989.mediafire.com/ld6bzde3wqwg/.../renomear tudo 2.0.exe

http://gsf-cf.softonic.com/e93/424/.../file?SD_used=0&channel=WEB&fdh=no&id_file=95909&instance=softonic_br&type=PROGRAM&Expires=1470223031&Signature=MesKjDbidVdftNHyPks9hoNU40yk3YDAh9019Ervuj8xWSdeVDumsKEALMx4c-ECJlQeZhTkHnTG722Z~ZsobIHbxSJVER8MBhVn6rdBSxsJxe0TtW3QfKoKcTn249P8NC5HErlRNpO54E3AG3JSKLSbKJqSARh98xbbd7y-xk8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=renomear-tudo.exe

Scan renomear-tudo_20.exe - Powered by Reason Core Security