home

cardrecovery_setup.exe

CardRecovery

WinRecovery Software

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from cardrecovery.softonic.pl and multiple other hosts.
Publisher:
WinRecovery Software   (signed by WinRecovery Software)

Product:
CardRecovery

Description:
Memory Card Data Recovery Software

Version:
6.1.0.0

MD5:
cbe53d62bc8a989b53245837fa5ae667

SHA-1:
e9e582a722ab372b16062186691ed7eaf484b36e

SHA-256:
928ccbefd036aceb5b405f30dad72589e2f40419a7bfdbf4ac56d480807f1c05

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/16/2024 4:34:01 AM UTC  (today)

File size:
826.3 KB (846,152 bytes)

Product version:
6.1.0.0

Copyright:
©Copyright 2012, WinRecovery Software

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\cardrecovery_setup.exe

Digital Signature
Signed by:
WinRecovery Software

Authority:
The USERTRUST Network

Valid from:
4/16/2011 2:00:00 AM

Valid to:
4/16/2014 1:59:59 AM

Subject:
CN=WinRecovery Software, O=WinRecovery Software, STREET="1-2703, Yingchun Rd. 736", STREET=Pudong, L=Shanghai, S=SH, PostalCode=200135, C=CN

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
00F1469CE6B62846D0854F264330979951

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:pnaOVXHGqFge237Uzkd2PNAOydBPa35SN4d44rLaNCQo:pasXhge23lsPNWbo5W4xLoC1

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9740

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file cardrecovery_setup.exe has been seen being distributed by the following 50 URLs.

http://cardrecovery.softonic.pl/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAN9i6ykOX8OiXf9UmF5o1zZwQe16yPTajyTzOn0nAgNIloAVbn bCWOkx241c /.../87jeRuUOtYKLuFTncYWaLFg9iS8KnWicOd1YNiVoPqLsgFNE=

https://cardrecovery.en.softonic.com/download-tracker?th=1/.../x31HSgYTT05ONTOjjSFLAJpQdk8FHWJ1VmuwV8Tf9u OrthZYtCOfQ==

http://soft.mydiv.net/win/dlfile49394_222792/.../cardrecovery_setup.exe

https://dc225.4shared.com/download/.../cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1483163532&Signature=ULM6t155UFHUB2hF~i6d98SeBgnF3iMlq1J424aDwySRv7E~xJF1SNS1F9IF98j3atqw0X6tpZzjEk-1k6s-9FiqfuMEWnih-k1VgNzzYuYQY1Dh7YRFZA97OJH7whoq6-O4QCoIF1JijtcnAX6cakdCPZIMVacvFiXrLvy4ixM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://dl.freesoftru.net/down/9c3e09be039150f6b2b551f7c69c9f3a/.../cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1476589083&Signature=coWfRcRylUGt-iRLcU6Se7LyOKARUG23JK0sZGfvo-fJGvfDzxCQLqqH43zzjS7rZfQAx0tC~kpWNd0M61MvE~3uIPJF9twntG1yiLjP-HY-~62tMj7uB~L1J8kCX3uxkpI1HiSjqeG6lyrwEBy-6lrqgOv6sR6PF99k2QYl9o8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1478261079&Signature=PfRn7SmbovLS-oktSLXG7s-vqge5ZRj~Ivs0vVd-jUqugfZCVWrRvuxj7HTTmXA~a47JfjPvUDJU9L~QybviOfoMywZ6mWaljYS-XzKN-0uLfGWt1DopiDzmnCh5zNkargsGw7J0Ktjia56KiKkb4OCAlR0~pjq8m7QKMyLXd7A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1476150859&Signature=NfwwgrXjhqNBR-K-zT0JBeCltbZ6SfCb~sL2ff7dczA0X0WgVjs3yKHkBX-YowxCjHFRZLmrhpOvoqGH0C4sngx9b-G1-76VpUsx1Y2ZwiHvL8rnP~-IA4U-cRasvtV95JKZQp8sl6JQvyf777C7IKuVjsMi2BPxD-pdaDROdcc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1470462289&Signature=Q-~556Igs2IbXrx8CB4sXkgZeCvZIwXqyadt17XA1B1aWWoOt88uI~Ipy1OjETgBMUuZBfXqCOdFjMRfMWwHgR7ePBx3Kjf-jRCrx-yxhqRDORvVIXu4nd90qhx~o7sL-Iz3LqiGqMpF7akpdvOOsR-GMBhMjUnz~pzj8ZLwjLc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://en.softonic.com/sads/tracker.php?ev=c&co=GB&sid=54c360b751feca0430e6df295555910a&upv=4d36b1291dca379b495b73efe336abd4&z=results&sk=0&abp=0&params=F39B2A32BFC101987B1458170C278E03CD8A65DD2D89831013F5FF75B0ACF0D9C8C97453D01A50AF4473C9E3E3CD30F6CB35F2D9AC011F9C773D2548F6BAD6B8C125514F52C09FC086D36429F854D97A3C7EF33B82A374848F547D5A47DC598636E6CDA458A9907A153E5A93095CDFF0779ADAD997EC523EB028BB6500B6493970FBCE51F53A35E11C7B3CF12F6B664CEB633936FFD730660C6E0C4AD5338F16&h=DAD71FE95E0647CC6CBE373B3DED26AF44A30D92E5299CB793CE50C8415217F6&directdownload=1&f=79114&d=http://download.cardrecovery.com/.../cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1478316099&Signature=C75rR3jhV5byTKVYpQo3PQZei6F5bZEFyWQtmhExW214hqo9OFo1axO2jk4is6Y7Gq2e9~JNLaDuObXdJstWR65nXhpjKw9asjfSA4syvL6GTj~NiLk9u~QdeA906imd-0xfTTSJMVy7cmhrCXL07mp8SW7nO7mFZnV7pWpXjRY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

https://download.heise.de/software/c58eaec6873bf8fc44366839b29c2e57/56c2edd8/.../cardrecovery_setup.exe

http://en.softonic.com/sads/tracker.php?ev=c&co=US&sid=d3169b32c73c9303760d94f0c27eeec5&upv=9a1c6aaed30fcad786f8f5e350ead80d&z=results&sk=0&abp=0&abt=&eid=&params=F39B2A32BFC101987B1458170C278E03CD8A65DD2D89831013F5FF75B0ACF0D9C8C97453D01A50AF4473C9E3E3CD30F670D2F6EF78AB9006D2461BFB6167D9CD2CABDC540F5A9A9DA4118CBF05C3A17227AFC4ADB685EA2728019C1125B0EAD55BCCCDBEF8D53672301417647BF4EEFD0E48F1700BB185C07D2D476C310E921620AC8E4DC252BE43643E9043913F044B16FB83EC09FDFCA1D52CF5AEF53941C5&h=9F724AE49E3F98A159C48E5FF6A4C6F922F105C6A2B2079DEAD58D9DF5E56249&directdownload=1&f=79114&d=http://download.cardrecovery.com/.../cardrecovery_setup.exe

http://card-recovery1.software.informer.com/.../

http://download.informer.com/.../cardrecovery_setup.exe

http://s5885.chomikuj.pl/File.aspx?e=awew66RGnV9nmwiyxtyWdZ3PZ0lzw-x4nYR-hVPOGJZhmG8sDt-bCoDupMilew95NeiAn-dKqlDsYvsocM5itws9INpPUEWgiFMtcjp4B-Ci1jjk7nLCr0ekumJmKaFmEutBnHciRrof9c3hScImqA&pv=2

http://download026.fshare.vn/dl/.../cardrecovery_setup.exe

https://www.cardrecovery.com/download/.../cardrecovery_setup.exe

https://cardrecovery.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWuylArdVKTnzqyuWFw1wK3fKWuALTSN 3xvYYyLXP8EMKEZW7/.../ciLRydRCmBNAvFAU7Y=

https://www.dropbox.com/s/.../cardrecovery_setup.exe

http://soft.mydiv.net/win/dlfile7c2b2_222792/.../cardrecovery_setup.exe

C:\Users\att\Downloads\cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1440137344&Signature=ZwkBbSmX7pG-KYn2LWOV~NhawpK37mk~RAJF1P~JgDjrAdSNPvY7Myqc9TIBHRAkUez7XWL0~3dM~7jUyj7KAwvKBcKfVbcM6PZjEMfOfpmc2JROY0ULi6iI0O8ejicWccOoxniV5a4tCpm5JQwYDEVYTyXhrcch89r0xkpUl0A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://dc225.4shared.com/download/.../cardrecovery_setup.exe

http://cardrecovery.software.informer.com/.../

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1421891574&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=bz0j0wz7avG9sGaQOsGIBk06EVGnaGkI0x-hquoD608YeWmRj-87Q3T-ZNQwgRpL5jAWqNygmosiWtkPBgL14jVivxDaKRn3ILcfDz2b4C7Ijw44PcvJ0Lw122ukbETEOFcXaqoP1gEKd8c1DC29DLVdIPAl-8fDDJtyILHCpSM_&filename=cardrecovery_setup.exe

http://dc646.4shared.com/download/.../cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1449305492&Signature=KYzFBNhsIdOEAJCWuZVW4piO5~t9MijcnYb8YKQnWZSx9sB4vVTa9MusRwzAO2Kl70VBYqrvYWDtqQMuOCdiVQ0iwT7PCV61xbLbsBvI7bobKodyPRxDnpzVuu6Z4UQj9I~auhKE6o23nbLNJDRTf16XFRLTQzwQddFpfuwQJPI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

http://gsf-cf.softonic.com/e9e/582/.../file?SD_used=0&channel=WEB&fdh=no&id_file=79114&instance=softonic_en&type=PROGRAM&Expires=1447414633&Signature=M1kDL2PsRcvl~spqUtn39oErTzatE7xybCUSFNCZBsUaNXYmj1t-7bIiH7419mmoDJwADpawD-dW43dAojWlsJ-xFPMLnkksbDmn08AEoKbm1WRx~Hb6wzYVqw1qFJcSGKuQunXBG87auphOHjHjrzELeu5-NcaicnL8k2yxZGE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cardrecovery_setup.exe

Latest 30 of 53 download URLs

Scan cardrecovery_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.