softonicupdate.exe

Softonic International

The application softonicupdate.exe by Softonic International has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.bundlequicknew.com and multiple other hosts.
Publisher:
Softonic International  (signed and verified)

MD5:
9fa8c7cceb9d22bbeeb7765e5a45da52

SHA-1:
5bb9e5a9404ae6c1666aa700baeceaf0a5a907a0

SHA-256:
87d734a479fe433936a7aa142f64858922a009de995d16cb26a35ea585c5d29f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/26/2024 4:16:28 AM UTC

Scan engine:
Reason Heuristics

Detection:
Bundler.PPI.Softonic.O

Engine version:
14.5.6.11

File size:
27.1 MB (28,436,976 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\softonic\performingupdates\softonicupdate.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/3/2013 1:00:00 AM

Valid to:
10/3/2015 12:59:59 AM

Subject:
CN=Softonic International, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Softonic International, L=Barcelona, S=Barcelona, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
67C1FF44C765ABDA26027A6DCA52BA11

File PE Metadata
Compilation timestamp:
2/24/2012 7:20:04 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:plS/2lUjMMPFMAlgoQpZCZPORDsddlI31bxUv:nU2lUj3F93QpZfRD+wU

Entry address:
0x38AF

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 68, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 90, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 90, 40, 00, 55, FF, 15, C0, 92, 40, 00, 6A, 08, A3, 98, EB, 47, 00, E8, 36, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, EA, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 64, A2, 40, 00, FF, 15, 84, 91, 40, 00, 68, 4C, A2, 40, 00, 68, A0, 6A, 47, 00, E8, 18, 27, 00, 00, FF, 15, B0, 90, 40, 00, 50, BF, A0, F0, 4C, 00, 57, E8, 06, 27, 00, 00...

Entropy:
7.9971

Packer / compiler:
Nullsoft install system v2.x

Code size:
29 KB (29,696 bytes)

The file softonicupdate.exe has been seen being distributed by the following 47 URLs.

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):
Connects to ec2-54-72-9-115.eu-west-1.compute.amazonaws.com  (54.72.9.115:443)
