spiderman.exe

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
ef027055b3d5e63c001e02c87dd79328

SHA-1:
c629626cb55812e4597f37e99b983b2b3ac1d681

SHA-256:
eaa6836168f414295a28c15059b5f3556acdce789cc404a32637b05af828cd67

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 10:33:41 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.Hosts.6681
9.0.1.0192

File size:
129.1 MB (135,400,826 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Wise Installer

Language:
English (United States)

File PE Metadata
Compilation timestamp:
4/25/2000 4:37:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3145728:gtE9lQgyg7CUoI6OsURWDXLpglaANM4SVm6pVoVr2gjCnTDCWsi14:bPDyg7roIkQWDXCJM4C/Kr2gADCo14

Entry address:
0x21AF

Entry point:
55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, 90, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 28, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00...
 
[+]

Entropy:
7.9988

Packer / compiler:
Wise Installer Stub

Code size:
8.5 KB (8,704 bytes)

The file spiderman.exe has been seen being distributed by the following 50 URLs.

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1484695420&Signature=fr1uXoLvJTJLryrlLWJVSn-5ZYD7snD0ofxg19VP4e7NDWukS5eO35cvZuiJm3ZrPG65jNXBHSbte4QQyEq6UrhwcND~7fAltl7ROkv8z0gJqHRVs-WuJ0RUf3ygv6ve~FDsZjZM9SF8npQe7QD2Re1IkUPYHSc1tMng8n~U4LQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1483762561&Signature=E8p8bsP74jrkQnJeiPpw0wd3G4rYlzjyqBbSZ1BPEDBb7aLD5eZsSEiMvTisQj-gkCVb-8yphzwJjjIQT3YOOU9kwULG3iQD0~oHDinhzyV1Q2A6i4uzkkppmLiSrabUuefYB1ahfs-KYHgzSpeJBlGwmT3PqVMYcSGQWfxtgqg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://global-shared-files-lw.softonic.com/c62/962/.../spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1457852952&Signature=egd5-Q9lF2aj1Vla9jTCh1Mn52I2U7bhFaXo9ujbfsHiSEePYvFbYEYojTeBe0DttRIcThf~tFQM5Fws-rBHOTcsulzn60~44AMsnPU9UE~vMUxdl0KLx5lsz7~KwNpROSgC4N8norGDS9aBhjdQLikZyrERT2YKH8y~dAeGDHo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1486955054&Signature=bV-HHUicek8m7mezLQrVITJ1~l5WqJBWyQKgl-BH9Egex~5wi775WGdiJ-RBpdonmlO6cKCtoLvOdMAUaj9q2YjZs4H01VDo9hwsMaQrsmMSBll9NDIOaUiEYLPLt2LtHNY60f4LnNjqYheKzv3bE5Mfkz1t-Kv8~wvzEYlBHOw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1481501992&Signature=hsXgjl7qqX6wAwiNR1WNhQPMsDfjzYgEWAOJjH4OVgAcDqr-D7OUsRSwPzjlgfk1QjltI3Lhzml3yEgM0YAnpkwzQlPCD4eiogVhtBEzsPbfd3SSuSaU9a6Qd6VWr-cFgAYdadJJByXJ-VH5k8NMUp0mu1PplibjKDAAXEndBcA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1477877033&Signature=XumLF4VnNc9Bfb5IyEzOsKufCXF8tfgZMenbeCYtxsq0sf9eY~eeqHP2wthPISw1kwXUlv-Klhbzwt91V8oSajyRWHYbwA9HTzd3UGWTrr6Uxqs4v4Ur-5fyxAgRqk~S-aN6clRaa9cQoZf3fK2bvc1CL7zR-Cf8o0v~~vyqRlY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1481770805&Signature=RhgSs9MR8xDNYnNhQxFH88qDhq~9PDE8nk6tj83ZApCdw~r2mZZJXKovIwxfuOKgHaS0FezW1srnZ9ETjklHzrIWbWnz8lwZkaPKFvuQOdXFslOJK7T7ZLV7twhapjHfwZondYpiH3jtrIYkRx4XWnEssBBb7FX7-Go6yswfm0o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1472163330&Signature=TCyJjWK2BXHFcCyiF6kRXWdisbaiiuFh4xoA4j4AYObz7huvivDUD24GTE4KqaqbVwSMG3WvheYl6Dwr2z49~m8VlzMEFger11kaF4a7~9xZeREDWivcGEw54bbZwiteqjtjIlbV4bpNnArLRiCmyXbmki7G7VOueLqYk-SjcDY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1485914915&Signature=APZPa-QBR97yenejo5IMS9nvCPrrWjZmhkOieiGznHJk621grj4PrdRlxNQB6PqdkTfVQviblwdgUc82G4438q~G2AvAyKY4OaX6OpqMtIxQJK2ezQd2V9dwjJdK-TJ--Fqq-agrg3TmBQMnfsiKCNF~sq~kH7VS8TQ7a2SY-74_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1484513166&Signature=Rq5nMfCy6H6IC4VCXtTzlWtXYhsc3Ga5K1kn5aUGRXzyI4oa3HfgAVRHwrCIrVVi3RGk3kegM~UmTFlq5FXk6XpUODubgqFZlT3-mgiw4ctB2lfhfCqFuF9FFmGvRhkBnn6P8NWnXP2AXl8ivyitt7FCihld85VHuNq6UYXS5~E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1475901707&Signature=ZwLHtAri~yOaZfMOJmfQ56EIFyQuWAlPqK2GRTvU1SV1RP8Zq~39G-ldg177jz7O3KKapQqwQY-mz636hK2DUMrlIn4B2cDdB5RKKOFgrXg~jyyQIRTCBI0~dapALIqltDuvppR7iG4oGqZerl~iBAOKrSnW0KToZ4qpE-8dFOU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1483789095&Signature=VV4PncpzLAM5IbjCHOKHaZnTR3YwwNQ~7~f1Q4n~U8B6hFFI5mzgrGs~ELhNJ7Zss2SEftoEa~oT8IO8lNHe3cSdqqSbaGXZWVbPxDr7AKaRi9Fa6DSM7OSMEqXjZYmADSlwGmMCwbanJ6DzO0JdiAGvBGvNVNUG-7a4aCodCTU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1444603489&Signature=JVB-jCQwOVdH3YZJH840Xhc235iP3~CVrwyGJVKyJQs6r7y9Hjc99hzSbihRfwlBuL6Js0hF8XkuIDoIL9~6wGFggWP07ZcBdC7EB4zzgIGYhMzzXZZlR8GcL62VgCLgmZk8QYYe5IkRa4EMATeNFgSqbxjmvpnSHia-kDGs4mE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1470555054&Signature=eWJINB4h7-QhI0w7IEt6miP3yKrjkyh4vB84zZmtRX1GmZKGtUIXOYen1dUbTxJUfj~jSkhX70vZx7LS1b79N7PYc0Ak1u72MB6u8Zjj2a3NT9EiKofLb~JbBCxLCYsJdY0WsXQhvQ5Q6dVjOJYLl~E5P2atNE-3PoKnA9nzKf4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_pl&type=PROGRAM&Expires=1477249231&Signature=gYa1em9cRR3wzPcgj6LqtUrANe60HrJoGApcUAPprSG89xyr-ShmihjzvuHxz~ebIfvj6bTA7dw9VjoF7JENYBoc1aBkJMAjQws~V0wJoqHN91FqOdybUui76qS9qDr-nUEcG17oJ927ggknZ6xG93OVCtUhPh3yjfRFpT5ybbs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1477857266&Signature=eF7an7oQSROqlUAkZomk~tF2KIAiT73eU~XrTTdIFY1P67BvvCa7CQ4jEjOoZTS2pGYIbqKXCeZQvaKk9EMGBgXLtSYnzNsMNSW~VKg15v2PausR2-UmCqTJmv1blhpOa2Osf6DrAmZ-ItbNxsAxXmLlWq1RvtAodF2J3PlsnKE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1463915001&Signature=SZk-4C5EtpaYjaE7iYcXFfXVEhtllmaiq24OXeGqrNh2JZHqxNFF-17uCy6ACQu2K75OzR5KIrfZh6BYXLRxk-~4unev2~PYaA5tUtKb4xalRVEBLVHuJcuIBMusrA26nC61OI8VLgUZS3b0knabcOoWHu25bSX4-e~c3FoNhGs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1442183819&Signature=WbJWw7nWHTT2mvaIU4Pud-HEX6GXw5wy1wQ2mv6reaV8o1~vqg-ekEdmN8ZtJpK7vnGElH1w1Kubbz61boF5SMrW~0D8v5UvUQWxhW5lihbUCe023g-tCPzVQrc~dsNsHyzfoAHapxNXL0OMlLnCBrKY5~3ZmpVW32F471gEnJU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1478444394&Signature=fepznDfCg1F0Q8pg2z3qDlK1wXldPeTLaCFavCTpXsj1kcA-hpO7m5r99~mLyw1yVbBoB2oV2XD-X7e5Skt0QbaDjiYMXU0BzFmmhvihwm-auBzpT1WhaWN4RKQS4XFkkJvJ1MY-FtP7t64CwNKPFqXzl8tEfZiXx9qHXsSzVgA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1476581191&Signature=ZUJJEyXXb04GsueidJr4K6Mz2n9IPWFUOwiWP2aAATqOHQzfjwzDk9YXIabjXLs7hwhmuAnV9CM918KINUtsfCTqjRVMU6OhxyV2vMjR60YnX5~kedHFRQ64viXxqbOj5UTXRXbkk63D8~-YObii~U4ESf5LKXwapN0S6HbvqG4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1480152364&Signature=bBl~bgwCRS4MpcaLoNyA4rIDhB25f4bHaly6uvJEtbvk4xaYFryeeL~~BfNR-pcY4T~77e-36RqacZ2WA424o4ydLdu4fVPFhUhPEnq1hw7wr6GdKjR4lgVT~pmd-mgnpWT8LrGtIaQVbU8Tf4ZNKyQgQsGHkyMEG-y3m2KLH90_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_br&type=PROGRAM&Expires=1477371067&Signature=PA4mL~WjSIGRgbeWWGWlVsyqQ16Ist1kXHJrZk9ddEPSp5A2PmWGVGJ5e8RmCBhaX2Omp0jrJSRl1MLmf~abuoWECMJzm-fEaM6wNmdD9BY4s059wO88cyR0yY2gh2q~1TNuOsycbvpeagcDxv-3v5G~LP~85g-e9UYCXofxX4Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1477743243&Signature=HQ5v2FoIy043-gLmkOvQDE17E1tYRoveCx9XIzWHiFhpA7kmEVWXmsDTQbmjSnrFiLUDUdhGU0FatNdACi69HTB8ZWE1vA7cf-EnZT4Rk2QhSC8enBN12lcebuP7et1V83Q6XxKHm1Jy3Qqrmr0Jqrwxy9T-2F84iUYQnvBI0RQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_br&type=PROGRAM&Expires=1476776643&Signature=Kg4Ie9~71mJGymPfnPmW8XJIVXdt0NfGFz5xVrOgkLEQdhQ8L~8uPx1f-ah4Ak4GDN~clGIwSnmn3hCrwbIgFjpG7ICHP~4e9UGtpNOxkpctj2WI1h4BD-x-3qhyiNqEjQcijefVuj2M7RTdtxHPa7oaXczHjsdZ3n9GiM7fLl4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_es&type=PROGRAM&Expires=1477744371&Signature=ePqR2l~Imwdk44KXbpZU3sFM22sgmUikWrl4xh0WUes~-K~bmnMmjw06cIxfocaErK-M~Blm6T1RHj0QODhDY6mA4~jMC6CVxC0m7GDzJ1uApPYG746rLBdCFX0qI0Tflo9t6GZROsoNq4RdZ6lEjCo6AfBzf9x1gQGDEGlGbAw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://windows.indir.com/kaydet.php?x=TVRrME5rQkFRQ0VoSVM1QmMyNHJOR1lsYlRWTnx8fDQzMDZmMzZkNTZlOWMxNWE3YWY3NjkxNTgwZDYxZGY4&m=1

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1483235083&Signature=Bbx~IzS7x3r0cooxOCvJdi-R0To9iFKH4BW4gL75LJGPKbQ3FnSudmLGAhoecMxfhpjfNrLmj4jyCB-pS~pQKskrmsOphcHOxRg7Mv5t8gaVBHBF60fxm6rv9eN9UYSNv50~U-U7k6mDv72wsz9LN-KKkOTjO8l5uH4yQnIS5oE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_en&type=PROGRAM&Expires=1481900414&Signature=bA4-S9Crz1R15m0TTtrInSUJ7XNsK-COAU1YUYZLyXu59kE77SA9KpcsK2QCOuCuyX055pr-rkjjmI25BugDoKaV9mZmTMI9Ee7oRT3eYjW~pBLoQ-jj8mqiuJOytxjtKWzu1z0yN8tR~2SeH6rL~GAmZ4NoRTCzaO6V1c7lV3I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

http://gsf-cf.softonic.com/c62/962/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16482&instance=softonic_fr&type=PROGRAM&Expires=1482624429&Signature=ASvlqWCgGR5EH9Viaj2~zq4YPhXpXTbCDYdLugj913Cv9Vg2cqppUatOeDJj~ayzwm1q~xkf4hU8YXEXWQ8p8V~lxxFmbVlr9auMtgy5LKx4UBV0k3uQsAdPV3S37Gwy2Kl4~C4CAw3TUYEbKiU0HZFj3vJw23WLItPa7h3sqLQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=spidermandemo.exe

Latest 30 of 196 download URLs

Scan spiderman.exe - Powered by Reason Core Security