zellosetup.exe

Zello

Zello Inc

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Zello Inc

Product:
Zello

Version:
1.33.0.0

MD5:
ffdc6107df87231ac849c10fda21e6de

SHA-1:
17fe03ae1b249bd2b1de3f7cac861d1de7a2b7cb

SHA-256:
295805e53630f10545b19a2313f6a7c739e00d4261b775609622f6bdbf03b640

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 6:06:54 AM UTC  (today)

File size:
1.8 MB (1,856,979 bytes)

Product version:
1.33.0.0

Copyright:
Copyright © 2007-2012 Zello Inc

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\zellosetup.exe

File PE Metadata
Compilation timestamp:
2/24/2012 4:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:pYSKjI6HBYQ1FFc8pscdZv1oW+0lPjYqiMFcX0uiWDt7:pYSY9BdHcy+odiMuXNDl

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

The file zellosetup.exe has been seen being distributed by the following 26 URLs.

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_es&type=PROGRAM&Expires=1445674815&Signature=MD6nWqodCB9iQKXS~x1G7ofeYnT-S1YG321EY8IdiLAdZqI7AD~KbYYqFwnmlbDp1cMybqd5V9IDLYgJuD4YVpksMHw5gFnzmW5NqllST8Y9XEXsidqCmaup2Mlk6lqt31Ld7qMNZM-91z-wfTK-UgdQglRzeqz1x1i57MdQRCE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_en&type=PROGRAM&Expires=1443332591&Signature=CuPwWtbXmbnfvwLsTY7Z0h5acLJaaaHr3MLTX9R7EEjy4lQTopqqn6~2YNFAOtDw4tZbPXeww~P-GMLa9j3HNOWS~sscI43wELXbu06Xmj1pc6WjY6HRWOWQA71hW4a-1rx1WCX8hNabYZ-OOcRK45l9YDHqmwYw-6RhLGZkhgI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_br&type=PROGRAM&Expires=1442460648&Signature=XUz6wPBX4CUV5nTv5qqaRVZuEfXVfXp9g981uM~f6t0BDflsAerYJFEn7o9jmJfqs-FGzXl4soAsZCNiKONtvrapgHrX2~naiBvVGJwHx9t6t3LTRxCq7pC6o~rOfA7fxnu7tTkSdz5PWD-K7JFIWkJSiLApOKrGIIQdFQ4-Pn4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://zello.com/.../ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_br&type=PROGRAM&Expires=1478528702&Signature=da7F5SgPTekr~5g6pQpfsumkWQDE-hge0WB6qWp1BDG8FecdVvvW8M~SBHvprs3-XpYI4taJRIcdwG9n5OaU0SO6qgPJJeyEWTEWjjvGxu2LAlxDiTxnlIFOwys0F-29q6BWC~6c9CWOGVEjO42cAVAcTiGj4-yMWobaPhw5luA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_br&type=PROGRAM&Expires=1481560518&Signature=Ib3C2dfnBUulCv9HIBR~Lq4Lia3~tr0c0S7VLeT26o8yswfjeA01UduOqTSgr912smkAWYMHaHpE5nwpWnkBUEQhiuThuVkxu6YF1aRkA~6rOVmVZP1DUgjAhyo33Q2A~x7skY~rwTfys1lL2kCXeqRg9CSZzBUop27Iv4k4Hxs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_es&type=PROGRAM&Expires=1478592850&Signature=Bh5mbdmSjFLb03Fmker4z3F25tqhcOLpOOOKjWDjucCSfPDnzLdi2wqlDdrwBUj3UBQ5pC6B5wrfcspH5tisdHKNBy-ptAYN4qrSmKyrH7iVVEwaiA-Dy4NaQzAEUHaLlVmrOFyEK5UQuBi06YdjPQd0b8HxCTmH86~I15hERoI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_en&type=PROGRAM&Expires=1475765391&Signature=Af3cAkf6vq6EIIsoLhLU9YqaU9JcabwAG23Lc-10CL2IjTZx1Py8ZHWb2ym~tXZyFAvfZcqbp4ILnrVqs9wO5o4s-6yY-GB7OWnaxkd19mUHPoMfyXCnK1R1L57QwZUOZM-V0ZP0HdMzDseKcqO6m74YIoyq4przFFf3~TjxARc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_br&type=PROGRAM&Expires=1476924968&Signature=ijy~QX1bnoGY0AtxpIY6r5v5hXHiUXaApPXAgfjZzP8MLCAzCYcxqzx752ppP4IkpftnKu0BVqrKe1rqZi9sU7JIa1wPt0maL1m~4ZPYtdsYwaCBFEJW7pY03RDsPPkjcntdpvqMObxVk8aCFX5eljZWFlo6UURAAAwUramn0p8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_es&type=PROGRAM&Expires=1459845285&Signature=OvEDuwSGas8llFYfA1x2Ez0BjK1mlqAMia~kL7xxqdB5Ms9aRnifCtDV5IVtQqjwnoINe8azB5m3QbTY~jKcTGpmeOGNlIuHEUfwv-fJww7OAXpCgmjBfOzcRFrmX0gVDL97~LGP4ckOfekh3wCnk4gCPkQdphUKhaEN9B8iaqA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_es&type=PROGRAM&Expires=1443147018&Signature=ggxSODxqIm1xmcPvAePUY4JWll9F~xFmGA9TyJWT3TMBPTJE0cqR2NSBzpYDEG66bI~8SIeKGa22suGekWxbmAyCq0r~3GlJFIj8B5aV~hs22NKMiICcQuPntq7ueTLknJx8yrHUnSS7TPmfPUVHu0z33OzE7TvjVer066D5QO4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

https://zello.com/.../ZelloSetup.exe

http://gsf-cf.softonic.com/17f/e03/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79230&instance=softonic_pl&type=PROGRAM&Expires=1451641420&Signature=DjH4g4bpHeR682se5MAroy1r-0LKhdUvH0o8QTuCbCz2guoUEnAI7qkAcx1061LnfYkMrDY-AJIn0skqa4ZV8aon4ial3F0TuvuUkqz5G7WzlKq-eNBbb3OfEvne5qq5Euw~l8gWPjNuIZtuFbIfa~JtNWdH3dM7evZ~5LGWvOI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ZelloSetup.exe

Scan zellosetup.exe - Powered by Reason Core Security