softonicdownloader_fuer_3d-fahrschule.exe

Softonic Downloader

Softonic

The application softonicdownloader_fuer_3d-fahrschule.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from sd-cf.softonic.de.
Publisher:
Softonic

Product:
Softonic Downloader

Version:
1, 38, 0, 0

MD5:
ae1d833753474fb42932913db2dd4a78

SHA-1:
373ebaddd2c8a196ccf24e72f0ce962484f9440a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/25/2024 7:15:03 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softonic.Bundler.Meta (L)

Engine version:
16.5.26.8

File size:
464.3 KB (475,480 bytes)

Product version:
1, 38, 0, 0

Copyright:
Copyright (C) 2012

Original file name:
SoftonicDownloader.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softonic Downloader

Language:
Spanish (International Sort)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\softonicdownloader_fuer_3d-fahrschule.exe

File PE Metadata
Compilation timestamp:
1/15/2013 11:22:07 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:YtKCjgWQ/8bGh7rJqH23Z0DVNhwATwbv4WLAsbffZ2JDi8dlg6ROJhHJxQ1IoSYz:aKC8WQLRZ01utNj+ic0IIoSYEz92X8K

Entry address:
0x1575C0

Entry point:
B3, 05, 71, 01, 47, 84, D0, 18, D7, 87, CE, 69, CE, 9E, A1, 2E, BB, 2B, D2, 81, FE, 77, 5A, 00, 00, 73, 03, 80, CD, 18, 88, C0, 0F, AF, C5, 8D, 0D, A1, 6F, 9F, 2A, 88, C1, 89, F1, FE, CB, 0F, B7, DF, 78, 08, 0F, AF, DE, 85, DD, C6, C7, 41, BF, 2F, 00, 00, 00, 8D, 35, 75, D8, 12, E2, 0F, AF, F7, 69, CE, BF, 37, 69, 70, 6B, FF, 03, 71, 03, 80, FF, D9, 8B, C7, 32, C9, 85, ED, 6B, C0, 09, 0F, AF, F8, 12, C9, 8D, 1D, B0, 81, 8B, 86, 03, D0, F7, C5, 1F, 20, ED, 8E, F3, 81, EA, F4, 04, 00, 00, FF, CB, F3, 8D, 2D...
 

Entropy:
7.9738 (probably packed)

Code size:
344 KB (352,256 bytes)

The file softonicdownloader_fuer_3d-fahrschule.exe has been seen being distributed by the following URL.
