setupscreenhunterfree.exe

Wisdom Software Inc.

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from www.towerbitscenter.com and multiple other hosts.
Publisher:
Wisdom Software Inc.  (signed and verified)

Description:
www.wisdom-soft.com

Version:
6.0 Free

MD5:
1e50e12fc4ea991f64c62b26bc4833b2

SHA-1:
ac3ae4c78699357e90b71d49cab2c4bae6a704c6

SHA-256:
387dfcf9f10d1c2e99f3c93b93fcbd8c38a5607cca45b9753df88599923b19a1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 3:44:12 AM UTC  (today)

File size:
12.2 MB (12,798,032 bytes)

Copyright:
(c) 2015 Wisdom Software Inc.

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

Common path:
C:\users\{user}\downloads\setupscreenhunterfree.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/28/2014 7:02:11 AM

Valid to:
10/27/2017 2:51:55 PM

Subject:
CN=Wisdom Software Inc., O=Wisdom Software Inc., L=Coquitlam, S=British Columbia, C=CA

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B56DB64A1978E

File PE Metadata
Compilation timestamp:
8/13/2001 10:13:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:X4qzmcivhi/vMI2sWbyX4VO7AsZxLcIwcQG:oqz5Gh8MI7VX4bs/Y8

Entry address:
0x21AF

Entry point:
55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, CC, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 64, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00...
 
[+]

Entropy:
7.9988

Packer / compiler:
Wise Installer Stub

Code size:
8.5 KB (8,704 bytes)

The file setupscreenhunterfree.exe has been seen being distributed by the following 20 URLs.

http://www.towerbitscenter.com/z7h0shFXdPRIUE4Tj9s6ozLbLeOBfysXJQIdh1SIB9x9xJQ3h8zBvmcjSedNcY649T5gizq MHn6JzxHrdKxeBh3aRQK6CG0_q1tt 6 9eeJqiS0XhixoFm _VySLJbDNFSyDO1aVuVEhiLaFSBpKbvd_XsNg9J9X 6NprZqd2NPT_T1_8fqtEXOdYfXf3llHLIBnpKpHTRmQ3wBT3RFGpZ9FgPXKQ==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.ranchsendgift.com/2dRWxKxrhqgm1BQ03RiVcqo2TCGhDszEOabwQK7iNI3Fm2jrAAADrOZZgFegobnBgb_EcA2zPL bmMNr2x iLjlhtO1b3Zr5qComRKhK85DsFmqM PZT FxProEGJ lO1jNb2_019qx_cPmEYpJdbyuePXflDtmYAD5 hUxvoixRiVOrM_h2uqLZu2bNq3onXlIHfbyxfhGgYqK7MUPBiiYmZqB0SQ==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.tamindir.com/indir/MjAxNS0xMi0yNCAxMjoxMTowOA==/screenhunter-free/windows/.../

http://www.ranchsendgift.com/yzvlBKPh3nBafDdnhjVg4kVd4KPHjPYiaztafaj 4rt6Ohf Uzu273whFz02FMhant4rAkXjc4uQGSXzEiN0zQHfZblM1GmQgnqAZBGBPsNYuCgqFEaDRD5wc4AT9b5vNwbRTfy1y1Y3UA9YO xSk_iJPuSgamA997B2Tdxp5bqLg S4IPZp2MOEQLeH2STwQAiv0VIe0n8Ggm5248v 2AzfBHCPJQ==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.ranchsendgift.com/0ikBmc4rfK4W9MYyrU3CT8KjeTfYcP5UABhWQUDYryWPpcrXKalFdfmmV6RjiWUkCiwNvhqZ4AS3t LamrcMR0iDYFKNBe1YwMptYz7owRuR0a9YD76mrrsvfWiOX71rrRAKiPOeD2zPJpYHi5mQVrsTg7EWiJcI3upAeiBLzEz0vJm1OgfDLTDb0Vas_MDbfkntjZ9C9dC 94gP9AHSeWP4RxAB3w==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.towerbitscenter.com/zkJSVBg4sFKyvsKPE8GGDodpE0v2AlDuYKAtkvp2DBz_8j6_IKJLkZbtMZ5TUIR1MknVvtziPYIT4ANmRz8kVVTp4hyTEkexUs7I9uDPIpR8jExOHHoL0ZqGMWSzVxM MrPCkRet6s3mP4RkqPaZmPbLS4rVu_v9yuucPqqphdea3mJFK_pKAM8XnyoQ5U2N1JbNF3PjHbRt1Aeb6pdsAlZ1AyuSfg==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://61.222.3.60/b57e80c0a6a68b5718cf40424cbdd1c8/softking/soft/en/.../setupscreenhunterfree.exe

http://www.ranchsendgift.com/7jYLhDHcaa1jxg2rd_BUuPjCY4 R0pRid36lqKKB5B4vlZGivRkYY82da1m8oii3eArydIo8nvU3yl 4nzKBoio1jFkx7BoevcBOIEmUggPawbvJ1SlWy9oI9YIn6jECZRQHwxpf_G6AYm6jbb5FHuCxrt_OUNfqhNUSEIAutCxTjhD aESrdBH6r3MUF8YQWIPYsOIKU4WimwWJHs87jUqhw3ZjlA==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.ranchsendgift.com/PdU_vUtusRb0bCXTXWqO FDFpjtFoDLLreyBYp_DP1QxeOcTSXnIBO0QGBCXy IiR9GrUFk1umrStAsRjyjdWOAqZgTD5CwLuZGbp4dMAsw2padZshXr2xmuL42Tt Dlhvamkw6PIEnlPSlW0sXmObghD5Px6aRmC YFptGoVH68IUWZzJq66fpDEi4qzEnk4ZNZZSzMw2akPltyo8qTxrs1A2ipow==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.lo4d.com/get-file/screenhunter-free/.../

http://gsf-cf.softonic.com/5da/2e3/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16215&instance=softonic_es&type=PROGRAM&Expires=1475634941&Signature=Gdih9oefvupZuxtileJ5Uwr3o0mzpiK3-ryLbCFYQ-XbQDRQviaprQcAf-85YD8kj8Mb7EqDqX0LDbV6Duby6YUV3ovbSL-wHFF5Nsi4fGqRCM4xBySn1SmBGSZn6Cv8Z4QM9oaV5aILwfI2je9PjQ2Dm~6MaasY8re1qdz09aU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=setupscreenhunterfree6-0-227.exe

http://www.ranchsendgift.com/pNh1PKTNxCyVgMZFi1XSFpDqVEQbYvBtQO5CvZtBV7zYUHdbP0FI6D7YHPVuYlcgkx54kSKwngX3iBSi9VpPLucW7Sisy7Pmt5Tu_0PTQ5JI_iOJHckd SQHdHlAtTjviUPb2l gRntxrj5UiHT3qHi6JORDWuLHCCniHR9gHKw1QQNG4QldPZKMbGosWnNzKOM_v9ckW 7gLpajAFh0PBLJUJrLPA==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

http://www.ranchsendgift.com/USaA0rp_DcrerW_AaJTWwP2q6KVDe5_hoBWbLVBAW2apwh5StJRgnhyqtZEG2Eo7R9x7YRuM2mTPKGd2jO5dIFPw2QUfHFOW9dpr2SuVSQRFAsckgAtnorrro73I8y0IEjze6glmxkFu8uvkVKWEQ_wkSTq_E2LmmrUDZdZrD Ul0QbJVjfTFJAKijg_OfMlRacd8_VqyPA6Zm93pSxPnZVyemBFkg==-Gz0AAMRuOU5YF1cMoo7 PcbG_sRxnjEFNsbOFQxJb4zx9yW9S1qikuFPI_aGkKgUoCo AA==

Scan setupscreenhunterfree.exe - Powered by Reason Core Security