home

softonicdownloader_para_adfender.exe

The application softonicdownloader_para_adfender.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from adfender.softonic.com.
MD5:
865b42e8e19b75f8bb899f8a1625f659

SHA-1:
25d932af321748d220be35d7be63bfe9d09191d5

SHA-256:
7ffee873c0586789cd6ad80852ca897d1129ea8acde3fae741b613bea23117ac

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 6:35:07 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Softonic.Bundler.Meta (L)
16.6.3.11

File size:
375.1 KB (384,060 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\softonicdownloader_para_adfender.exe

File PE Metadata
Compilation timestamp:
4/23/2014 9:21:29 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:UZ99w9e/wBATRTsOJbSTBfSD+XreW9ZXcLTBZLpGImcyZItGY0YeYoSZz7K0ZJGz:UZ99wWL1s2WXiWXXyUImcyGm6oSZS8I

Entry address:
0x52DD40

Entry point:
8D, BE, 00, A0, 52, 00, 8B, 07, 09, C0, 74, 45, 8B, 5F, 04, 8D, 84, 30, C0, 18, 53, 00, 01, F3, 50, 83, C7, 08, FF, 96, 3C, 1A, 53, 00, 95, 8A, 07, 47, 08, C0, 74, DC, 89, F9, 79, 07, 0F, B7, 07, 47, 50, 47, B9, 57, 48, F2, AE, 55, FF, 96, 40, 1A, 53, 00, 09, C0, 74, 07, 89, 03, 83, C3, 04, EB, D8, FF, 96, 50, 1A, 53, 00, 8B, AE, 44, 1A, 53, 00, 8D, BE, 00, F0, FF, FF, BB, 00, 10, 00, 00, 50, 54, 6A, 04, 53, 57, FF, D5, 8D, 87, 27, 02, 00, 00, 80, 20, 7F, 80, 60, 28, 7F, 58, 50, 54, 50, 53, 57, FF, D5, 58...
 
[+]

Entropy:
7.9627  (probably packed)

Code size:
336 KB (344,064 bytes)

The file softonicdownloader_para_adfender.exe has been seen being distributed by the following URL.

http://adfender.softonic.com/universaldownloader-launch

Remove softonicdownloader_para_adfender.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.