» cossacksaddondemo.exe
Overview
Analysis
File Details
Downloads (23)

cossacksaddondemo.exe

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

MD5:

9a172604f7d54f82f553003abef5bf8d

SHA-1:

42a9550ede20bd7da1a9eceae00819179a6a674f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

5/14/2024 12:51:18 PM UTC (today)

File size:

69.1 MB (72,483,660 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Wise Installer

Language:

English (United States)

File PE Metadata

Compilation timestamp:

4/25/2000 4:37:12 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1572864:EWlQjRkyhxIv5I1idmtcGM0ERetekMN6I0NKwWBe8lnf6ivKX:EWloMm1iEcQI0NgBe8EivKX

Entry address:

0x21AF

Entry point:

55, 8B, EC, 81, EC, 2C, 05, 00, 00, 53, 56, 57, 6A, 01, 5E, 6A, 04, 89, 75, E8, FF, 15, 54, 40, 40, 00, FF, 15, 50, 40, 40, 00, 8B, F8, 89, 7D, F4, 8A, 07, 3C, 22, 0F, 85, 90, 00, 00, 00, 8A, 47, 01, 47, 89, 7D, F4, 33, DB, 3A, C3, 74, 0D, 3C, 22, 74, 09, 8A, 47, 01, 47, 89, 7D, F4, EB, EF, 80, 3F, 22, 75, 04, 47, 89, 7D, F4, 80, 3F, 20, 75, 09, 47, 80, 3F, 20, 74, FA, 89, 7D, F4, 53, FF, 15, 6C, 40, 40, 00, 80, 3F, 2F, 89, 45, F8, 75, 28, 8A, 47, 01, 3C, 53, 74, 04, 3C, 73, 75, 06, 89, 35, 58, 53, 40, 00... 
[+]

Packer / compiler:

Wise Installer Stub

Code size:

8.5 KB (8,704 bytes)

The file cossacksaddondemo.exe has been seen being distributed by the following 23 URLs.

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1476940563&Signature=avSLzgHnE5JS4zl1BAiJ9n6JcHhNKqPn6B5UEpIUSvrHBsyts0OanCwONk23JDWodWbmt6BAgqtkTXVUgqKmlS5xUQM2JwiFJGXxhiEX5dz4N1BQbNJ3PQrly8sPYiQxIdKECbxkHyZggt553W3MbZypstzS15toKJ2Wx~TvXvM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://www.gamepressure.com/.../przekieruj_ftp.asp?TOKEN=M2Y0ZER6ekRMb0ZmTmR6VVZOZUd4TmYxSFdkTlh3akdnMGVMSiswYkUrN1dZQ2t3U2RlTTg5UDd1UU9ZdUpZV1FHQStHV2tiRFFqMi9sbUgrR0s3cXFhOFZCOXY0UlMrcTcvSm4rMzFaeFl0RzNoVFFZSHdlSmZJMmJjSnhLTE8=

&onid=7483&oid=3001-7483_4-10229103&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/realtime-strategy&topicbrcrm=&pid=10229104&mfgid=70462&merid=70462&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=9092e9a743cd6a6e1a62301d&viewguid=iTh81fDbK6kS8RlW9iXven@6a5iW82j6uEEN&destUrl=http://files.downloadnow.com/s/software/10/22/91/.../cossacksaddondemo.exe

&onid=7483&oid=3001-7483_4-10229103&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=games/realtime-strategy&topicbrcrm=&pid=10229104&mfgid=70462&merid=70462&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=aa18a5374531625a62534c89&viewguid=iLH0snT6U6Ui9KxV@vNigMlWBKtmnL7DxBL2&destUrl=http://files.downloadnow.com/s/software/10/22/91/.../cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1450081795&Signature=EOdOwTvGy90ifOGkpsg6r8o~I82wwswjgBvXTV2a05AF5zS22qutbJX8BFLFalKV9y9YriTTGpskj9M3C-F05df1-St-2Uj8FojUyyhAoLXryfBcWkkIy8YR9mA3pIKSDS7M9oIrBM4xAEKOMXv0CxxzifzNljcf~DGwK9hDTi8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1460888168&Signature=Q2apeHgSskY0WXIEySKsKB3nlOixgwhOjQCcO8IbMKWYCBRfYQRFnuwanyhU8Gk83gUzPpIQwJfBgxUC0lSE3MDAIZEn5Yl2Ihja5Fkt7xnazYzU~Yo4LzcMU81bnNUk3FclrNh0xfjWV8jsojFQqADfr2oJzjEV1g5m7sycxMs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1431305616&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=VIk8o~nnRWa3VX1g-JcaF9-GJTAaqfe7Ts~EmIjdH4Wq6SIAl7wvQTnqhsOVouwlm1dC2XCu0USunKhoiWGM6vyUc5sWl9eVq5da2LHWxcqHn3vmphY8Up7ZFOmfkopW30PFbwmMdinvz4e1Cmw7Hy4FugJIg32aNrlZsiYcVLs_&filename=cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1479372490&Signature=WWTemvoHWxSCV7oclu9BrF6YMBFh~3AkSHyBisnnApaAnkJG65CupmY1RRSfCacdXQL8-DhRv7oyFHpOv4TaTfboOufv7Yml6SVFZsa9E1YnDWg4HlR2h748k~ahrtLrbfI4YWuRhChl1giL0rI00EZ7GqgqJ9KwHycEAJQ-YLs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1474876097&Signature=QcrlM4bxrM3oVsuQDradjoKZ2pQAHwDm0pt81OKZOuzPU8BihAQsSK2vVZrFrXmCiVOiDJjXNwd9LtSTEZVA-cR6cF2HrEJXGqZhw4dp5hSxYyeiPeULH3HMRjk5qDjW9lmtp4vvF1Twu3ae80uwOmgUK~ynTQyazcwdF-dSh4w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://www.gry-online.pl/.../przekieruj_ftp.asp?TOKEN=SUYrN2xqUXFHbVg5KzhybjBrRUwxVGVrbGVzTWZPNFZGUFhpOHVSd3BiNVRuRHZUeWdPSEtJTDZqdGdoOUJSOGNkYm53bE14OGlEV1RmOERyTC9uK1lsMStCZmJSbjRRK2NGc0NSaU9nMm1DZWFEMC9hOUt4b3J4SU9uc0paMUw=

http://www.gamepressure.com/.../przekieruj_ftp.asp?TOKEN=M2Y0ZER6ekRMb0ZmTmR6VVZOZUd4TmYxSFdkTlh3akdnMGVMSiswYkUrN1dZQ2t3U2RlTTg5UDd1UU9ZdUpZV01zSjR5Z2lTY29pdXpVZFpucVN2Z3hEejNVRmVOQXExcExHNHBvcWhBYzJWelljNmtNU0w2cjV5YXIzSTdKR0Q=

http://www.gamepressure.com/.../przekieruj_ftp.asp?TOKEN=M2Y0ZER6ekRMb0ZmTmR6VVZOZUd4TmYxSFdkTlh3akdnMGVMSiswYkUrN1dZQ2t3U2RlTTg5UDd1UU9ZdUpZV0xnS1ViQkFkODVJYmllYUNvOUs2RjdtK1JWODhiS0tRVGNjU0tTZWxzL1pENWt2djhsMkxtaHlzcGdxa1I3TEs=

http://www.gry-online.pl/.../przekieruj_ftp.asp?TOKEN=SUYrN2xqUXFHbVg5KzhybjBrRUwxVGVrbGVzTWZPNFZGUFhpOHVSd3BiNVRuRHZUeWdPSEtJTDZqdGdoOUJSODUyNEs1Q0EzQnNiZEJKUGtnVUhYMHVCZTFyWk1FMWlDU2lmYng5L3k1VTY3Sm9uT2lWR1FpQmFNZXE1R01ZSGE=

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1470623457&Signature=FB63N8o2YoSpSpcL15u1k~4-fdtONsb9iHZLDv-4EibhcWBngPvuQFXlTAmgTfO~ecrtYfAK48hj9ntIs3KEFgCTbq07ggudhtBm5skzpRpMtIo2t3GsVd26pQxWSS0VEIVMfp7sS59u34ReSyxottOJZZ~le-gHArWpGcWUjCs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://www.programosy.pl/.../pobierz,kozacy-sztuka-wojny,2.html

http://www.gry-online.pl/.../przekieruj_ftp.asp?TOKEN=SUYrN2xqUXFHbVg5KzhybjBrRUwxVGVrbGVzTWZPNFZGUFhpOHVSd3BiNVRuRHZUeWdPSEtJTDZqdGdoOUJSOGlVWlFrU0JzcUdPZUEvOVlOSS82YjUxaTlXN0Q3NmpaeG5MZGg1MjF3UnJ1QlJyc2hrNEZDNy9PN3paNlBLcXU=

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1451209203&Signature=DBJi6oXeCvRAxFrFWTOFBm1JiG-PQH9QxSyA46tR2S76ikFNeK~g4uYNmizdwtiH0kuFovBHuk8W~0FcTBgipPmKbKqY1tF9uHG2~ThbnNDDU2et3YPm0qLEs1aqwyq9mpv8RsOVoUGF0uOhF4sAsR8qPbgS4ka1K0E9jEsUEGw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1463224891&Signature=Uz47MU~F~v22GVAbiSjXIX9874nW1HqMEwtg4VAHchJwmDDWpW71k3AEHqPmDfDcfZ5hysjZVZNkt~1sHuKguTOlTITMR3xOm-GZCX3VJnOks9mcDS2Z9EFcB7szioSvLxBUV4K06H2aIPF04M2DEhYRcb9FznllfUeYoRay81Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://files.downloadnow.com/s/software/10/22/91/.../cossacksaddondemo.exe

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1462066196&Signature=cFrwJzYjeuPhqzu2Aqkmj~bFRfogfGUSuBxd5qIqlHpYOVeqA~D91zAo6NgSdnwx3m~d2WTQb2fg9jDaspIC-g1A7OYn394IJTbmPOKqZptXEjSXY64X9CK84U2ebpFNm5b7RObXr98IR575kHeiyCSC1xlhdYm9JtFLRUhVDIc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

http://www.gry-online.pl/.../przekieruj_ftp.asp?TOKEN=a3JoZVpYaXUxZW5aejhzMUplTE16UVV2N2J0dEJIelN3YWR4OTM4eU9OeHFXNkczWUMzTHNRV3loKzVMMFBQQ3k2WVA3dVo3VEl4bzh6dXpMbm45b1UzM0Z6cFRISkxVTFp5WGlYU0lVa2JtQjFQb0FYc1JiTGhRTngxaU9rVEU=

http://www.gry-online.pl/.../przekieruj_ftp.asp?TOKEN=a3JoZVpYaXUxZW5aejhzMUplTE16UVV2N2J0dEJIelN3YWR4OTM4eU9OeHFXNkczWUMzTHNRV3loKzVMMFBQQ3ZIeVkwRjdyN0JYcGt3bXEwb2ZSVEZ1T2lhMG1BYlpjeGF1NFg5QzRkR2NHY3dsdVdwUGwwUmJvc0VlZlIwelg=

http://gsf-cf.softonic.com/42a/955/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16897&instance=softonic_en&type=PROGRAM&Expires=1445405254&Signature=Bzt~79H159sT6XjTwrAMpeuS8ko1u5ozGKZ5Pwz73Y7sq8csEIGkIVmj9BbKXx~RI2TWvL0sIWTgl1oeIepUX2A~kP3MdkHVZTH~6P1hrTm7oQPWoFoFcLF0GeodbJfcp4g4uRUN03gImR3jL8cA3bj0j8J44706nT1eTR1F-mI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cossacksaddondemo.exe

Scan cossacksaddondemo.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.