home

cnc3demo.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from command-and-conquer-3-tiberium-wars.en.softonic.com and multiple other hosts.
MD5:
55066b516d8cd5232d17a13f26e802df

SHA-1:
f6af21eba2d17eb6d8bb6a131b501b41c3a7eaf7

SHA-256:
1e2499f441ef1fc3cbe447ac16361ad4247a02b9b8ec05f504161e7b5b1254e5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 5:36:00 AM UTC  (today)

File size:
1.2 GB (1,265,430,528 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\cnc3demo.exe

File PE Metadata
Compilation timestamp:
6/7/2006 11:12:37 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
25165824:eT/BrmktK1DwdVHe09p8HURUxl8lko7akaU6uXZYL6j+QbHey/ltosde8bdZGrnD:ebBr2DwdZDX8HGUvFoQ5uXCkHJs8DlRs

Entry address:
0x7595

Entry point:
6A, 60, 68, 78, C6, 40, 00, E8, 7F, 03, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, B3, FE, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, A4, C1, 40, 00, 8B, 4E, 10, 89, 0D, 7C, 1C, 41, 00, 8B, 46, 04, A3, 88, 1C, 41, 00, 8B, 56, 08, 89, 15, 8C, 1C, 41, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 80, 1C, 41, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 80, 1C, 41, 00, C1, E0, 08, 03, C2, A3, 84, 1C, 41, 00, 33, F6, 56, 8B, 3D, 90, C1, 40, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
44 KB (45,056 bytes)

The file cnc3demo.exe has been seen being distributed by the following 15 URLs.

https://command-and-conquer-3-tiberium-wars.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxANmvob2l/4JUWX48ZaZZSxP jfbwdLPl T7z70WVjFa1Tp6chs8xUOzSJ NRGGRJ8PNanaAzTyjPUEBTHupbi5gt4p1UVVJcZwH97aRntWblE6mO7EFWfVFvURpULfblVRXAgZdioQUM18PK28PgtIQNx2BQ8hAN5r82Yuh1NtDN/suhLCej4nmhp1/zYwT0RX6B9/63JU rQz0ooGHbHMHcBPWu3vtoz4Lp4a5uOgmrisykwROySkzbP6ZZz51nlWroTcj9tkPhF3PltvrTpexLUUsramknR0JYnJfYRZo9U9wxDO/dZF XNl/HuWHRaLOT2gJ2wpRV4WspZLQJuuY 1KDe5vrWJThBaCPvD4l5cb7NIMX98gWT9OhnyRo/mJ9HNO6OW5hV/pdGRlkAK1NkryLy5Yn77PPJ4VZ4Llr3bjlqLD8/1rThJpAD1oH85o4tYyET5MQt4ziQo/.../QLb7hWPCEEaSm22

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_en&type=PROGRAM&Expires=1473453805&Signature=S5Njz~AJ9VoHjxlq6Q3M9WLIfRmTnu6--4-8tY00asmj-he7iU3ZSXTNtQsWKomFNz3Hea7sTlhiBYJ8iRq9RhUcyTbJk48bmbGZGWqqz4~2u8nDd9~qnF~jG8XXBHZ30~fm7CtREp5ifcZ~GYqkifTd5kyicZh-vfW1eIKFD8w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_en&type=PROGRAM&Expires=1478173293&Signature=GafeYJl4HfrcVTR1gQFwnbZPgYpMunW224Iqj4-k3RG5GwGRSgVgCi7hCbi5Y4ikvSUUMmHw5Cm~C7JQf5hP~VMJn-fkHsl2yfFrXGeMhOyYkTe2TdfWR70MkezgjLSmvjSWAlv4BRU~EFfvm~8t5vMEyr7d-VvFKAlMeod8yMY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

ftp://e2d9b1564bbd46a4b3efa250edc17d7b:1348961683@demo.archive1.clubic.com/demo/.../command_conquer_3_les_guerres_du_tiberium_demo_jouable_1_anglais_32948.exe

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_en&type=PROGRAM&Expires=1460521877&Signature=FTYk54eWDHo0nR3Cmu~TP1wkZOlLe5dmtaQ-cOX2JTQCG-GYegTqVErk0o21QyrQZdUg4-X6PDsP9rtPGj4S0WM-sNHazem-Z~IvAd1-mlzmVYY3I4asHmf19Vyzlrc2QF58bfXBUfgQ429ji5ksyHybwVV5laJ5IuREGpskVYU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

http://command-and-conquer-3-tiberium-wars.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxANmvob2l/4JUWX48ZaZZSxP jfbwdLPl T7z70WVjFa1Tp6chs8xUOzSJ NRGGRJ8PNanaAzTyjPUEBTHupbi5gt4p1UVVJcZwH97aRntWblE6mO7EFWfVFvURpULfblVRXAgZdioQUM18PK28PgtIQNx2BQ8hAN5r82Yuh1NtDN/suhLCej4nmhp1/zYwT0RX6B9/63JU rQz0ooGHbHMHcBPWu3vtoz4Lp4a5uOgmrisykwROySkzbP6ZZz51nlWQrqCwAXnmgvg0Vd/cZTuPEWN9SZu652maiXGfRsG2tECDZn MRDQAdqwNRMItxLbwb5h280C8Kay5/r0v YFt21B3HlsMaCvCDEOBCMF44ULlGNxx5wIX8Bn49UxkhOq2NKZi IyIUZOCLlHsfGdMyWv4UM39ZYeL0hYMkVwcQckLa/QtyoQWl221mCnNfUKWr KXuwNoYX9wQ8kGMnqccb7ZLu/.../QLb7hWPCEEaSm22

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_es&type=PROGRAM&Expires=1463966359&Signature=CRg6MNouLPGwtJ8zxIMCk0aMfH6VnT6bG-y-JSbNeE4KY-3SiRf5RA1BboQ8DJV1pqsi48wsn5umwgxCuW-ENpXplaOMbdQvk2C7Pu35axGhS1e~osLqLVj-HrRtCCqjzZMLGFrPn~Or5T21mmYa8nmO236fwiEAWhwTNdI4Bcg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

ftp://largedownloads.ea.com/pub/demos/.../CnC3Demo.exe

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_en&type=PROGRAM&Expires=1461673151&Signature=Dd3IHVBLwZD8yKCEIPQJiakPBg5l~5iWhl6s1R8-cnFaiHdWCY6mDUZLz~HJBqu2-u1G~EObGnfIPPn5b0JHwfXE1seywYGY1OGsqxxrfal7RY5M4P8MLwChlILe-dx6yjmcgrEEE1YL5JWA7mzVv4eBjYwKcxO43e-a3ixhDIE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

http://command-and-conquer-3-tiberium-wars.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxANmvob2l/4JUWX48ZaZZSxP jfbwdLPl T7z70WVjFa1Tp6chs8xUOzSJ NRGGRJ8PNanaAzTyjPUEBTHupbi5gt4p1UVVJcZwH97aRntWblE6mO7EFWfVFvURpULfblVRXAgZdioQUM18PK28PgtIQNx2BQ8hAN5r82Yuh1NtDN/suhLCej4nmhp1/zYwT0RX6B9/63JU rQz0ooGHbHMHcBPWu3vtoz4Lp4a5uOgmrisykwROySkzbP6ZZz51nlUkBVRqgenUQcRGYILu/s97OC4cvkv3YxGlXpBYjm8oOiWjJO0glTlTCES1wuW7tspUUmu/Pumy12GtZe/7jt0RbjpA5HN0rrc3YU//3TkHZFUiltfuqELAz/KZC82kJG7cMh3EH7jbi8kSfwsLsZZ 264YzM5VxWhP8hJAxc84B9dlYLlnvSBnae9Aq9fxQ/.../QLb7hWPCEEaSm22

http://command-and-conquer-3-tiberium-wars.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxANmvob2l/4JUWX48ZaZZSxP jfbwdLPl T7z70WVjFa1Tp6chs8xUOzSJ NRGGRJ8PNanaAzTyjPUEBTHupbi5gt4p1UVVJcZwH97aRntWblE6mO7EFWfVFvURpULfblVRXAgZdioQUM18PK28PgtIQNx2BQ8hAN5r82Yuh1NtDN/suhLCej4nmhp1/zYwT0RX6B9/63JU rQz0ooGHbHMHcBPWu3vtoz4Lp4a5uOgmrisykwROySkzbP6ZZz51nlVg3iB49vlS5CDyGu6IxyxKiJPeQnv0KAYqe6jlh8qDtmrAhb8aiKbS32EqJjIQfVJduImBb6rV1BfhZA930WSyxGqRzGSchpHypwVgk31tiFc37EW5da4pf1mnLWMhaykW/UTNbW2hSq 4GpgMgSZOVbn3Bkcf5gxwvlchTEqYA56acuBGNORWVjwt0kFaqNlkSmAoeGC/.../QLb7hWPCEEaSm22

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_en&type=PROGRAM&Expires=1453225748&Signature=Dqqud2UYxHu4tSP1Zfb6uav~yK-aRVh-fQ66Y-tjfNqc8aK1-BVuMWEmoMs8CJogYE3wpFaxaLxxKslvU6y-jQaoyjziRw-Rx6ifq1LN~Qw7D9JUWmObxf4d3xeSXmFXiQ5XjlDnbZxN8-6qxQtz1UOAYAvYBzqVpGODVdaJvFs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

http://command-and-conquer-3-tiberium-wars.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWsJiUcRB3VrGHkuIey7s/t0iNykZHsLPFDbDxEZi7svaCGrMReQR8swA4RICQfAoXMgb7goDla2yXXzqNcm7j7b TtB0kE/cmfXoWvXQ/yOSOtTzx89yoPTTmbcm8pcTgJkcV6F9jw6ARkmuqATmJWdPj0Iin2XkwxgqEYWvHezSi5CfJljK3A0hna2zxUGNM0wCLdvQQg19nFUGJlBjZoZJ3TV4GoNUjAsLEKDLx0zvYoeaQwBXMMWuRK7LaCUugw/LE8iCcgOMM4UnOKC1E1 A2lmLqkWbC7F2Ovjuj9fLx5IrkVbkScLf/YZoL3KyXkOlwOlfavEZgLKWeydDLVvyK7AaB0t520OKN1ENWL6MwFVnp23xUAE9BnbXO/.../VpV9fc1CkhCXY90xblNyl84i3q qHHhqdRSc1sx5aRLXgBueJcgYfGfz8wi13AxzXXxrcO1Ixh1mmo rvbh bWDf RWCMFfYH8K6S5XKYwxkKOIigrcIoeOFnhAsldxrbq3SZNPmGKcadQzxbbGJ VEbWOk3ZHJoFyaxyt2vGKVdi5mk2lZ7TtjkDt1VVhbR1ns

http://gsf-cf.softonic.com/f6a/f21/.../file?SD_used=0&channel=WEB&fdh=no&id_file=59939&instance=softonic_en&type=PROGRAM&Expires=1439529849&Signature=Qhlh2Cpb8sI9j1bs7dgaLe96JqqF-l5a0bF9NUkfM5lKC76sl-ohUdVWO6~GndGcTXe1fojLz9xr~4waU8dm6D776VNsD4~VoQlqtyVNOblfOHpKk3UhIY5QCSFLSyVvNzpL27Xn3Zfg~r6Qje9xsDMDGPjXdochWHoHQ-aMG0g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CnC3_Demo.exe

http://download.fileplanet.com/ftp1/.../CnC3_Demo.exe

Scan cnc3demo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.