supercopier-windows-x86_64-1.2.1.0-setup.exe

The executable supercopier-windows-x86_64-1.2.1.0-setup.exe has been detected as malware by 1 anti-virus scanner. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from supercopier.softonic.com.br and multiple other hosts.
MD5:
b16b16c49eaefce4b10f277e8c412b65

SHA-1:
851ccf9bda67716ea149bfacdd36836f548bfdff

SHA-256:
d064bd3bc18568b125b59d0cd23906202b6ff57b16029dfea56d25c9029dfe08

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/27/2024 6:12:39 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
(M)
16.6.6.0

File size:
6.4 MB (6,708,535 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\supercopier-windows-x86_64-1.2.1.0-setup.exe

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:ZYZlnTzk6pXCx3yjyENc6RIpkXCNDbasLLnHNcrdJUkBKlnqJdEdKZKthjOSacMm:ZanTXM6CkmCYkACuhCSac26/0eEc/ZT

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file supercopier-windows-x86_64-1.2.1.0-setup.exe has been seen being distributed by the following 15 URLs.

https://supercopier.softonic.com.br/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOJBHHQEZf/JWB AlQYXiqxaC W5SPWfmb574p QYLFXuh9Lounq8HwrDBFYyhY/.../n0muQ87tag==

http://www.ranchmetabits.com/QJDsL5z2kkBMcj7wO2CKaHGZ46CQa6m2pFn7bWQ1aDSNFeCHgQCldqz5kE1W12SD4ks3MXxOio6Pd9nDvcy7ADeelBlMZtKXRv9Agr8x0WwqVmLdsamYTsYMgXuPEKUJGEAFdn3JPegnycyDtFu3RbwSAiSRMZJmmnVDLjRpvKkkIo6XJ_MubGb fTyn7BUOc5FGUl8E7GzGVbIKwln lEqMPFeDiw==-GwEDAGQgL_T5SBGw7RBcrDEAYSIH7G0xxHwSe28ceLLGyM8iMLf0GPO OJOj3_GeycIOg5AAsdTTkHV8BGsYZmTiaJo0x5SYqHwVL9PhkeBXCAsSn1wf5zrG3jNHlKwAaGr3fPZJAaVsYK3nV2RUdkmPBeqVDSnXSRBCvLs92G8RW8pu1CC6lLizmCgEW7ozkkfDQNQAKhSeD5zsKpbPOA2eyuS4tkCSB1ieTjJ1tKxvdjN1 AtEQMDAjoe5JLJWufXfruWWRUu1uaPWNftgvS1 9rrteoLeVFk7l0AwcBVKniVAXf03uzjEsoAJyePoKFfJMFH7pAxMiq7Q0bQpC1s0kRMxPJ17iDgF21cUyx945VbrpC7cb1fvIlLO5Vm3R6I4vuyoKXRJG68eCTRozgLs4YUXHCezG oBK4swv9fqREH XPZPdemcN Tlq7lzPOSgWJIYAziMt43aXaxOG_cmRANGbTBcFpmVxRwyL0 BMchl6mbEXXNh4eIHQiBtBwy tHTQ8lxbyCAQqdGcg4hP6gm5vqm 0lq1j7TLQMB2FvEsiQCYLq2K1GHTwHvU05Mz9EGvh7hHxdw2CvSq2x6v0gPZdHl8kNfG1G6Jg7Q2HZcXIYR5VsqWB44rOMWi_zJsLmmQYzXYCh2KKDXN2PF JHD4P0vUVVcCPnN44TVgCfrwIuz936R_fvsqgCBNCzYy7qUmqOY5s9H8qajrkUS3B5mK9qvMUWmmRyrHfP

http://www.ranchmetabits.com/VNZSt8xB9hNVp1C0szQ6Kzb BAYUsTF73Y3HpIiTfSw73JgBi_U2KHwxQHfXEqMa8m7ARJcqCjTcduhLmOjTil3SKeG_wxeAGcTCeOUF0KEayKeVZr7bQdAl5x77p8eJ7yxqaU_HWcmEvjwN8K3 qc73mNsj1McmCdGncqoONH14SIjA1olte9cEEPGQyyaM6yOKfhDToDPGrpI9WAMRlMjExaY6bw==-GwUDAGTKTaosOEH0XhHRhjFfSAIEwCEH7N_OEHOGCVq9ceDJGiM_FoH6Lo 1npuzOOYP3mgfPnafDRJVXdcW3hV4qgwzMOxRuJeoLrZhjZVgkIrfu5JhdO8oaMpd_HI Rn0_p8 o3iQRkl9DH0wjc50I2YnLbUspU8DgE0Hb68kpcgwFsPLtFV kwXSMBP1QEltL01T5KzQmbCXbH8oKx 2FQ6KkneHaPI0Cbou5gNfs7PYqyuMkRLO9RYEe5MRfYtDJfGkykMX4FizUAndPkkKHd9Hn7tXUk1hSxh0MRzEi_BTfW2due_gG0TCENQu1 hnXH3ioBKFsPkFPfEVMKKr9MFRFw1 fgHEbWX4aAjDtzG92ZtlNXqlatYzYKI2XJIKj8rqxvuf0Rok0XLhSdBqjWeB3OvFAxXlRuRuL0YPYlNUyT C TMeLiNUCtUehnknNOrGVC2c2YJULo21oSD2xm4bgQCXw7lUhMvLv3k9JmNImL5qSEJ8AJIu52lGAcuQs7adMdgjtPEnqe1lFpya_oUFoUKwfJWBpB06QoTxma 8M5VhDW88sL0KLt6ywcFmMwwvCpXSw6ooI1FYSQO2x85Tjz_Z04jc1XuiWMjv4tBv8yWaJIh5bUywWsdv9iFYVWdDzMinpQ7NdnVjDEq270_hOzCLoFy2JQ3aRFfBRyQm6AE6lBOcc uo_P2UYZlkzaLORsbN6dT44LHmdJ63mwbkXWZ2dy_O0MLiqah

http://www.downloadpresentcity.com/KJ79j3LJXeZ6Us7xYpwKXqikF3y7Z5bXL4cxJLPbEqTXXVncutfve7_2ZnKzDTPzoV2XIzJgLfua0glZdSg6Pu Ud8tulQT4lLQiQep9p9D4nI6uGXSm0GqqbZaGIa5ywxDlKUmv_SuxajL_WUte3f9wSRHnhmitn4zH1yXJfSWLdl3Yf2c=-GwEDAGTIzX_Hgd8W0TomwWwJpkd45EgAHHLA_u0MMScucTCRW8IFt7vGxI LQD0qCJqlPUu4vPXWdp4KmyGA_FENBwrlGN5NT7afjUZ3L70NkKWysersQL9sBBKzLte52DhdZjnt64sSnZMtDGIfUfZGkXYwuGcgrUAJl1m6mXFuUX_P6w8d5rdM4fsynLFXSy4A GYrzYMKpU_3pY6g1HrNb6xnvhGHyG G2VCW4HdkpfbOPaJU2PPsxb hv 0tgz1HcGxgvEaaiQ4obj6T1E59S2eP0wY68J1Rm153JIG9DuGbeBwtsZWD7OFQ7isvXr8j4HqZb 8VzunmVtPPHdip04dfysnWZEIZ CzddpCyrL3eAQIiYm5LicW5m6MFk1932G7IMP0I1I1vw6FILXUj7_Dy7wtcaNIYuSkxpXP_DIxqYRGFNZFaBVraZ2KV3 O5VQ4UIByirX tnHQAnsmiJYjx7pnjlqBi7epYu2rNekCHQwDeUEdIspF5AWPdsaTXGjFGaF2eypiccgem0mrGJGoY2 VjWKYCMHr6a37ltIvr_czQrqlxHo_OGW6roiNPulMY9VAI57gWKr1i5Owo0MnCwlbWnqaXvjvmUgJMvhTLO6DooIGPgYBTBs3EUUNWr6zdVCEsZxkwxpV54ZRISCMaC3yIx4ecX bwcJuIVHyLp67sVGS3x1_QS2sE_ec3FUV5XvUJ8G4falWdLzF7yT33uXQtXFCh5 O DixeWIg cO8Yvpj32nI5ZrIC5poAZAk_3JRsbgn

http://www.downloadpresentcity.com/f_L4XHb_dXiLOIE9IdHFh2ADuue2FFR_XuXeXDy77btoCrrRsT7v_oaFFiNKkBKzm9miSXJnXE69GHmdjbsakwfGr8sMYAVeusT0zDfoDG9zGImIgTHCSSJec4FPjM4u0atygnwsZ3LUH8sSadN5z9b03ZW4YPO3N5aCJs9b8oLyddErCCAOsIHFx8QrFjk7hFqXFeHTFUsuAr5bK4N5jhCEZ2Ieew==-GwEDAGRCL6oscgi09wzAZicAYSIH7G0xxHwSe28ceLLGyM8iMLf0GPO OJOj3_GeyRYWqCpRP3zcbivbyzigSgHp8qli00EuZlMx4KTG1N651InWOsj8loXi2o5r37 VI_xk5ShFSfrO0hWnIYXpHmWRGmcqV2IXDJFkh81SbGpdSodF3pIkLDYVjurExmXYrM8TQpZ7qqvf uc7adSAa9HTudnukc3xnk3Q14 0IG23Ez4xp5xGN7XHVPNtMUthjsM6RQ2xo D3PFCrkbhUNtCKzqeklGJnN9b6NrBpo30eErNlpN637qE1JQFkjHieqaI0U9UJF2yiPGgU8vPclncWhU7WjFr_0My5PwXeszaXyZSL hjCSRiwK3xMpfdk4wPvkHriu9U3NhtsyM4kfN8URXhP5hskaM8DyXSdsTxLQJu5x0f0H13evuML0nu7YX1BIfo8mSCoKyGtfOFAXUaJbzGye5aWpntIMlR9Pqio9HIBDurL8DMJ5Ad OAB8Fz8SXA37AxqYsC4c0YQDprt1Xd3KPfr3bM87i3qrFrmk1LPA63FOdXS5VzUDYyWK_64s5tdUVuIc r1lG3FZtePF5QJOhfs itYuhF1_T8IMNH0cQFAxdT534T7FR42avsvhZDLnr2hu sP0ZDYgoh9cNGOKvbBuaOTRdN8sYo0hly3Vg U eKx_fgogSFGCjYx7qcWr_ZFfX 7ChrIuPDsri2FItrEkST80

http://www.ranchmetabits.com/p7tsh3VFj8xN066GlSjzIyW8w3THRu03EKEjUvF92347KJ3nClEROfpQD36PsxzdbHs100Ies8oXXJG24GyUIF9xs8ux7OTp69kFx0zwLsPjUQKzHQIghJGa4o x_qKVmEcpmt99w7v1oDl9h bVZhFPogsyrOwxGRwd9CXAmr6ceT3L4ZU=-GwEDAGTKTaosOEH0XhFfTBvGAh40EICJHLC3xRDzSey9ceDJGiM_i8Dci8 7Gl9n_hkPvGeKDc01rcmtDq4DiFCBrKE6oC8 IPZ13oTvnNkwFLkiT3l3caXC6AURj0Om07wB1uqJfUcWp4TUbqSn9B5n2bxBS2Q0RKLatb9W8VuREJfojxzViTvNlaLYnypaw9YsKZKnoskqc3UbsFL6HivnfJtEncjKvpJFgLpGoyRotKv1pWr8y76M7XkrwUHu0_CgPjABSBgmqldboUtK5UNYhJd1FrjPqWsvurZli68472iuO8UHiV5fKJrnTcpzw3DURoVlEiSjbhCVS4_eTk2LXNh__B1_LrmfJ3V7ArDJa391Aj6BC5Jyex137nifhkUJpeiP7pGIFpPFBT_tDDdE06ZsvZWdT1d2dfbxKI8YrdjRJFExDcfEeqAWo vM6VUQ7 eKwHZo0 mO0kTVyrURz8rFWRxpR Ri8DGRincqzn1jvXkzWrjx2KMqwu2FsDQnj3i y3uAJgbESHbidD2nia14ByDVbpOPNZOLboRUfaX34O0vJJYIl8XmqjKsqfCs8feGqrVuNahHfSRh9e9xUmNA64R50QMo1H78gsRT98X5ZmEpkopu4IgA4_ZyLKtWlqR6zi8KEYsRGqHLq0DzaLzM6gQM4yvIU_O8wsOoSzsTHXwPLOFI9SX556cMwywruxhcG0hJoyhGWPkitnQjGtYb4CLbnCw 8LxQ9OKQdUvpn5VZfZ5t3LntY2q2wwjpQOkaJx0JrI35ffFO8f

https://supercopier.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOJBHHQEZf/JWB AlQYXiqxaC W5SPWfmb574p QYLFXuh9Lounq8HwrDBFYyhY/.../n0muQ87tag==

http://www.vaultsfarmhosting.com/7ylopLHYtU_1DkVcWBFRpfYUVn2RW3aDef2thMx OrIBocz615cuKshJYR2eGwuitRh9rfr6MwyProecdgQpDwLIUGniRFp5hSg_zvitrU 9hPKnCe1PdXCoDmsx_K8q3c2aObhEjKt YJ0RTSx mg4Zvgix68uG4ABdZqEE6pvdQYxx6G9ARRIUOGbXWNRwcRAfzd9z2XMbgB5cBZQeVs7 BxeR8oJ32MqMLNtlnsf kQm_JA4dcWMQmiv9aZqzb867NSAi9k8VKf6I1sbaRwE5Lz4HVTBYGSqAdLcBtpgyCyx_KZwc3WOLIttZnIsNF_9H8asx8QUUoY04f0VrXrewao8KBm_cLrRkh7s0h51QXIqDLbiRdhdTOc_FdwTbOu9Syzzc9Zn6YQMgkr3T3HrMeyUjFN08YT1KE2q Lo2p_EESFHYbxa YLpOteTrExxtUZ2kdrDjyCXoXEfk9UtFV0jRWOKAbJFmmH1Goq9h3Id6FByCW0 rhG96dRMk9NMHmKZzl0y4XRnoItz8u6SDoHOnA NS8BsE83dTzYrX64b8RS7FsUrVHMvVmt9ztt_VL9STb C7KoACfgTVNfB3x45G5RilPQS5IvvWcLcmkCXGOUzM=-G00AAGR3ntfMMLbvpCYpEg9wyIHTl0BgAVgcSLABl3gSPzVup7tme9Z1K8B1PKnnIaUSKQixom2MqGwNWYDEKycGUy1EzXX2DQ==-e

Remove supercopier-windows-x86_64-1.2.1.0-setup.exe - Powered by Reason Core Security