softonicdownloader_dla_petousb.exe

Softonic Downloader

Softonic

The application softonicdownloader_dla_petousb.exe has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from petousb.softonic.pl.
Publisher:
Softonic

Product:
Softonic Downloader

Version:
1, 40, 1, 0

MD5:
d4b9102b6e3a753430aaf261c56c2fc2

SHA-1:
d562a2c890564c636b368b73225cfb0b57200ccd

SHA-256:
ba212455928ac1b869442efd76e0e0fda9ab228d6db04b0c0a4aa40ee27902d3

Scanner detections:
1 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/26/2024 6:08:27 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softonic.Bundler (L)

Engine version:
16.8.3.13

File size:
2.6 MB (2,719,744 bytes)

Product version:
1, 40, 1, 0

Copyright:
Copyright (C) 2013

Original file name:
SoftonicDownloader.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softonic Downloader

Language:
Spanish (Spain, International Sort)

Common path:
C:\users\{user}\downloads\softonicdownloader_dla_petousb.exe

File PE Metadata
Compilation timestamp:
11/12/2013 10:47:15 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:yTHiFlkI9s6dRi7X4+C9rr5TLeqvkQsoSN7MyRY9dT68:yTHEkBORij4+yrrlL+JYyRY9d+

Entry address:
0x15F630

Entry point:
B8, 48, A8, BF, 41, F3, 0F, AF, FA, 85, DF, 78, 06, F7, C1, E3, F9, 7E, F5, C7, C2, 31, A1, 51, 13, 28, FC, C6, C4, 5D, 84, E9, 0F, BF, F6, 88, EB, 33, D2, F3, BA, 06, 2A, 00, 00, 8D, 0D, 5D, 81, 32, F3, 81, C2, AB, 0F, 00, 00, 34, 65, FF, CB, 87, FA, 69, F5, 72, B7, 7C, BC, B0, 63, 8B, C5, 81, EF, C7, 0E, 00, 00, F2, 50, 68, 13, 6E, 32, 00, F7, C0, 97, 55, E8, CE, 85, F6, 70, 07, 15, A7, A9, F8, 33, 87, EE, 10, E9, E8, 14, 00, 00, 00, F2, 80, ED, 88, F6, C2, 2A, 3D, 2A, 08, 86, DE, 84, E8, 81, FA, 8E, AB...

Code size:
352 KB (360,448 bytes)

The file softonicdownloader_dla_petousb.exe has been seen being distributed by the following URL.
