» acdseefree1121_softangodownloader.exe
Overview
Analysis
File Details

acdseefree1121_softangodownloader.exe

Softango Download Manager

Softango Inc.

This is the Performersoft setup installer. The application acdseefree1121_softangodownloader.exe by Softango has been detected as adware by 23 anti-malware scanners. The program is a setup application that uses the InstallBrain installer. According to AVG, this software downloads additional adware offers during setup.

File name:

Publisher:

Softango (signed by Softango Inc.)

Product:

Softango Download Manager

Version:

15.9.28.27

MD5:

fb765ad1aff608ab7aa3da4e61d23f1f

SHA-1:

e86ba40bcf3d9a71d6575bed497a20b89db8c322

SHA-256:

6a1f41091fa8f1c203a36f9b40553142435a0e765ea5717d501f4589efcc2ab6

Scanner detections:

23 / 68

Status:

Adware

Explanation:

Uses the InstallBrain monetization platform from iBario to deliver bundled adware both search toolbars and PC optimizers from Performersoft.

Description:

This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:

4/23/2024 7:44:30 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Bundler.InstallBrain.A

1008

Agnitum Outpost

Adware.BrainInst

7.1.1

Avira AntiVirus

APPL/InstallBrain.Gen

7.11.146.224

avast!

Win32:Installer-O [PUP]

2014.9-140502

AVG

Skodna.Downloader

2015.0.3486

Bitdefender

Application.Bundler.InstallBrain.A

1.0.20.610

Comodo Security

Application.Win32.InstallBrain.AE

18205

Dr.Web

Adware.Downware.1295

9.0.1.0122

ESET NOD32

Win32/InstallBrain.AL (variant)

8.9750

F-Secure

Application.Bundler.InstallBrain

11.2014-02-05_6

G Data

Application.Bundler.InstallBrain

14.5.24

IKARUS anti.virus

Trojan-Downloader.Win32.Brantall

t3scan.1.6.1.0

Kaspersky

not-a-virus:AdWare.Win32.BrainInst

14.0.0.3927

Malwarebytes

PUP.Optional.Softango.A

v2014.05.02.02

Microsoft Security Essentials

TrojanDownloader:Win32/Brantall.C

1.10502

MicroWorld eScan

Application.Bundler.InstallBrain.A

15.0.0.366

NANO AntiVirus

Riskware.Win32.BrainInst.crciee

0.28.0.59608

Quick Heal

TrojanDownloader.Brantall.A5

5.14.14.00

Reason Heuristics

PUP.Softango.b

14.8.7.17

Sophos

InstallBrain

4.98

Vba32 AntiVirus

AdWare.BrainInst

3.12.26.0

VIPRE Antivirus

InstallBrain

28788

Zillya! Antivirus

Adware.BrainInst.Win32.45

2.0.0.1775

File size:

554.8 KB (568,120 bytes)

Product version:

15.9.28.27

Original file name:

Softango_Download_Manager.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

InstallBrain

Language:

English (United States)

Common path:

C:\users\{user}\downloads\acdseefree1121_softangodownloader.exe

Digital Signature

Signed by:

Softango Inc.

Authority:

GoDaddy.com, Inc.

Valid from:

3/29/2013 6:18:12 PM

Valid to:

3/29/2016 7:18:12 PM

Subject:

CN=Softango Inc., O=Softango Inc., L=Beaverton, S=OR, C=US

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

07B9F930CBBB4F

File PE Metadata

Compilation timestamp:

7/24/2013 9:36:20 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:/sbxKL0EHFiBY6H2tHpLk4K6ulYiU75o754fnxLuR0EOmpd:0EFGVHcHpId6F75o754fnxLi0Pm/

Entry address:

0xA8FD

Entry point:

E8, 4D, 47, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 04, 06, 42, 00, 00, 75, 18, E8, 98, 3F, 00, 00, 6A, 1E, E8, E2, 3D, 00, 00, 68, FF, 00, 00, 00, E8, E0, 2A, 00, 00, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 04, 06, 42, 00, FF, 15, 5C, 90, 41, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, 00, 06, 42, 00, 74, 0D, 53, E8, DE, 1D, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 39, 1D, 00, 00, 89, 30, E8, 32, 1D, 00, 00, 89... 
[+]

Entropy:

7.7045 (probably packed)

Code size:

95 KB (97,280 bytes)

Remove acdseefree1121_softangodownloader.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.