spoonuninstall.exe

Illustrate Ltd

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Illustrate Ltd  (signed and verified)

MD5:
ab84572532178c12d4fa6cb2fc90b315

SHA-1:
75d3981ee2789cbd6e243cb811ef428a0073a5b9

SHA-256:
0e9b5ceab9a41ae9a5d8ae912123ce36af9c76b2450b046788d25a88d2dbf04c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:30:42 AM UTC  (today)

File size:
6.9 MB (7,261,768 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\spoonuninstall.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/14/2012 5:30:00 AM

Valid to:
2/14/2015 5:29:59 AM

Subject:
CN=Illustrate Ltd, O=Illustrate Ltd, STREET=4 Alexander Road, L=Glen Vine, S=Isle of Man, PostalCode=IM4 4EH, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0A88EE816C2E50C22084B1D3E5CDB5BA

File PE Metadata
Compilation timestamp:
9/27/2012 6:45:05 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:fHRIKQ0mT8rvIfOhkmb9eiwkoQv0vFBlB9lSQm78E6yQj:JIKQHTQIiJwkFaFBl3679Jw

Entry address:
0x1EA79

Entry point:
E8, 19, 28, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 58, 70, 43, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 5C, 70, 43, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 7A, 1B, 00, 00, 85, C0, 75, 06, B8, C0, 71, 43, 00, C3, 83, C0, 08, C3, E8, 67, 1B, 00, 00, 85, C0, 75, 06, B8, C4, 71, 43, 00, C3, 83, C0, 0C, C3, 8B, FF, 55, 8B, EC, 56, E8, E2, FF, FF, FF, 8B, 4D, 08...
 
[+]

Entropy:
7.9428  (probably packed)

Code size:
175 KB (179,200 bytes)

The file spoonuninstall.exe has been seen being distributed by the following 46 URLs.

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1437994720&Signature=BG8SrJf-mT3lcOm360UAN8~IfEHk3m29ugHE7enfKAYTlZLbeCiK~ZqS3R-o6CWniyV2O-onUNtr4-Qc~kq8az4vrdfs08-VAUCMTO0yiQn39NBHx1jmvTKnVFq7mhkp43M14QxoXShFJCM-QRMPfsNvyoENqTultU41QJtGliY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1478782562&Signature=PPfj6DlA4szrjgss05pVAd4~iWC66AWN4N26FxgoYfVclBbGSktpHvxgg89x1wTfDRu2ROf2gJMtjs6qmfXWYcJzmsHi4PVgpaMmOaKqwjvveIYy4GN-mttGCtkgSRU6eCUqn55gkFF-g2U8NHuy88aQdc6e-wvqPOYooK9TG6g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1477933395&Signature=OdBhxHZwlryVpeBqV1osEo7viQu26yJdUYEeeTuHXm7JfsutNXDo61QoyRAtG0AvaTFMbBwvG7LcF3GDgYIxjF482kM-tux5hKKGhSDY~LSADuPe6e4829y0irE0PRN65AOaOcCR5Q6lNSDe6mGPKkNS41VhMyrVRuGWK9X5yic_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1434688662&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=UHPNmgtBcugmkiYswxN9dy7Ob4keF-5HsiQPjPCWW~o9VayC8QK00Q9AmMA5JEs3J18mZOL1fkldUJKDfltv7EPJYp-DUUbvORFKI2Oeq3voHY0eKvtB0p~wlwgZhHfgr3ws44t4bShulAHhHz-tDaln9MMMX1tn6IhRgMtaLnA_&filename=dMC-R14-4-Ref-Trial.exe

https://dbpoweramp-music-converter.it.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOGMtfd GVMLvQsHqQHA2XCZXoJmcm4DvJOIFcT5yn6SWzrH08/.../P09DYoBNzF6srvrfZielNNNE7VQko6QOkNBqMU=

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_pl&type=PROGRAM&Expires=1477022435&Signature=Bs3kPXClb0iMxU51-4lZMmlHHMRbSTEEFJC2oUeZJUVVCScLEXA2wZq-2K2AhHXLrYig9j7-tsH09Lf3QSJyVdovmRQgLYKa4UiwylKCDtGzPQlWiSAd6u4eTyhasSnL74PKNi0pVU6lL~VPstVlwSRVi9IQCKHJD46QK28di8Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1431083036&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=DpL-o6-jqxUV34zTl7qugmN~SW-j4SUS7mdw7BvGeBGbB7O72TiBn9yA2mK9BeaNtie0pgxjj~MlXeoRweEpnEo~c7xAGu8fz4VJI38-8ftboTpdTlHRcT5NZp3T18MfoWE8qjj2wXqVUyjfjR-mj4jwOIOpSoV2jMlBDmSk5iQ_&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1437770702&Signature=OD7CCqiVj2vdQYL0mvzZYvpKEQado1eZPSamjHFJwz7a00elel9CtQp9993WZax55iXZaxbLb8hHsqYEuBRkQH5dSY5Ai03L33B1OlxBH4BV2GaCjSmDXyVAO4Oxp1RCWVHxz~Ohf7d1afZ2SgCAVP9EOID3cMa1vy3NgjZqEgg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1477196712&Signature=dhErf~Cxiw8VYxf0JgEILvDPWwSyGXhVGacnarQQcs1liY1-SX8mtqwtldwqQDkrMXTlIbJuEICcHE4jqC3Haz7JWVN2Ih~f4oeAD4c9k1XV8iOlPxgP-PNfTVEYb1j~ivxL~OTv3B7L0sbH2nFa47SgFZjAYV20wsD9BUReLlg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1431921220&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Mbbh02ugE~WaeshIWe10v4v~UP8mGld-3i1kXBKaGTLa-4ajjQvplL6p3jLO2bR6Y8OPM2OpoMWm5hrBiHvfshULUpU2R7xe0F2pAy7Ngeapu-A9pZRJiXkKk5tMoOpE2Clck-AQtJ-M9pQgYfiAW0kKr1gL9FcncWyxgf-eYq4_&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1476922860&Signature=ibHvaTnsmj1PNCiUloOKx-zs-TNDZLZx4WcMxv--363q4gw5rLWeGZqW0ACGGRBciPNddWOEdp8bawbgcdL80jFgzHFyIAq93BsRWzM1MPyZfDpa8LtLvFtSm7fyf8UIFSX1iSy5U16Sfh5q1vkqq1Oob-cw4LpJfLpYlV0mz0A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1476903376&Signature=VyyX0LUWoMI0CMHEx8b09nHcGxtPcO9WkyIaWI~BNoXcDEicjby6MRUIGMUrLUSAegAqCPnuPCjZh463Rp2Jj1h6EdsSiJCBBIhE1H4409pyXMZmV39ZXn5Zn2e4xgc9SaU6tDJ02Xqmlmp8E59-gFGiq9cCV-pm8~QHl9I8Ovc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1425527076&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=X~E8lYYObs4Djg~8MBA30pfA8TuZOMfqjMVsvP8w2gogzVWL5w6iHWpZFcg447-HhhIosP2qXb~HcuhQd6f6-sqa13V61bdaR3yHvSZ2SHYUryQ5UwK8j6VA27arxm7tc4Yfq4kM9SyGJ7ozlkMdjYuIrD5kjcOshFS3o1J510g_&filename=dMC-R14-4-Ref-Trial.exe

http://gsf-cf.softonic.com/75d/398/.../file?SD_used=0&channel=WEB&fdh=no&id_file=12475&instance=softonic_es&type=PROGRAM&Expires=1458131694&Signature=XE~wK-1ahf8AOrm02WKa2ZMCtcDuI4BUnfHkuRXC-LWUf9kHQmpqxRq3z~hIDKRkdkua2t68rdol284mGMayQrQyIdvbIE5fFMtWRpVTfQXytYQviC9W~3kIGqVgKWt5PP6ueSIZ25ow7KGKiQZgW7QxRc8SGFieaz4glrQESVc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=dMC-R14-4-Ref-Trial.exe

&onid=2140&oid=3001-2140_4-10042534&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=mp3audio/rippers-encoders&topicbrcrm=&pid=13003175&mfgid=83769&merid=83769&ctype=dm&cval=NONE&devicetype=desktop&pguid=e9d593e6c9d97572579c2728&viewguid=eP4PejXG9hTFsMZoR5j9LQFfNa7xvAsBrJLQ&destUrl=http://files.downloadnow.com/s/software/13/00/31/.../dMC-R14.4-Ref-Trial.exe

Latest 30 of 46 download URLs

Scan spoonuninstall.exe - Powered by Reason Core Security