» Dacty6SU.exe
Overview
Analysis
File Details
Downloads (16)

Dacty6SU.exe

G. LE DU

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Dacty6SU.exe

Publisher:

G. LE DU

Description:

Dactylo Setup

MD5:

69ffc65b14c4428dd95922629a125d09

SHA-1:

f9d287bf5d9fb78a348f214888a6408cd144bc16

SHA-256:

f7d9a130b911d52cfd4d00e9c61d0360064d82cfe440bdca16af0ee0c56b16db

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/16/2024 7:07:49 AM UTC (today)

File size:

634.2 KB (649,393 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\dacty6su.exe

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:GYk5lUQe/wHFulLe9TZzVSi4TUhsMR6M9DPRLVuTHxAqUuFL3YCUw+Hq85:rdQeplGTmTUhsMcMRuTHxAqxI9w+H7

Entry address:

0x9264

Entry point:

55, 8B, EC, 83, C4, B8, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, BC, 89, 45, B8, E8, 5F, 9E, FF, FF, E8, 8A, B0, FF, FF, E8, E9, D2, FF, FF, E8, 30, D3, FF, FF, E8, 07, F6, FF, FF, BE, CC, BD, 40, 00, 33, C0, 55, 68, 14, 99, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, A4, 98, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, B0, 40, 00, E8, EC, FE, FF, FF, E8, 9F, F9, FF, FF, 8D, 55, F0, 33, C0, E8, 41, D6, FF, FF, 8B, 55, F0, B8, C0, BD, 40, 00, E8, 10, 9F, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, C0, BD, 40, 00... 
[+]

Entropy:

7.9619

Developed / compiled with:

Microsoft Visual C++

Code size:

34.5 KB (35,328 bytes)

The file Dacty6SU.exe has been seen being distributed by the following 16 URLs.

http://gsf-cf.softonic.com/f9d/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60893&instance=softonic_fr&type=PROGRAM&Expires=1480754920&Signature=KJq2moambGns6Wu8zxA4ssystng63f2bpCYISmD8sHyif6n1F1SfFcbjcG13E64b7T9qRKOBITDkwj-BUQq0CWxrpYvNOZw9eiMBK5v8loV1sf-RQGyCL0Dfvw82lXK7~P-Te-nkK6awNARSYnNq~nJxwbiOZ3FOp50U15AG9EQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dacty6SU.exe

http://gsf-cf.softonic.com/f9d/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60893&instance=softonic_fr&type=PROGRAM&Expires=1458611199&Signature=OIDDcu6VvP4mzVaA3AdFvbDHiV1YVG9iAa9FOZcf5YoTNKBC-G4Cf7c0g5Tq1LMeYWJvVhCjab9e5qceROBGye0uFurTTfRHef1YFBixj-kXQgWd2gOB-AtBsoW4w1hPtvJ03W-pg1OtGXuDEIIxEKuYubpnss-7NnJRQClZXjQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dacty6SU.exe

http://gsf-cf.softonic.com/f9d/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60893&instance=softonic_fr&type=PROGRAM&Expires=1480833300&Signature=VvGXxPE5IFcb-Lt1SIwgdh5ZXp6sU~pp654S7c88BP6N6mV7hQSoWdSf-iRwHWIrYJSjhMDZ1KCrc2bU~prOuJfEYcdoufGU9czSqVdXZbwlNqasGO4aAXYInneUOxpCDAxokjpo5XQoTzDljj0eG-5QdIzh8PhUq7qRsUrW0WA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dacty6SU.exe

http://gsf-cf.softonic.com/f9d/287/.../file?SD_used=0&channel=WEB&fdh=no&id_file=60893&instance=softonic_fr&type=PROGRAM&Expires=1479496948&Signature=XG1YxKZMeE8PaYQwXIeunweQ9sfaFs8hKsNyDIuDUdJEdn6SOQFtFGowz3HPYNPWdRGB7Di6y3UmybSql3dRFILc2WNl9fSDud8mK6zmXcdg8rNLy~0OVbRexWfxt4n4cBKjwQdzLBwczHSIl8ADiH7MoyzX6CcZsB-O1FNUyX0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Dacty6SU.exe

http://lb.cdn.m6web.fr/d/c/a/596e3b0e6aab551ac61a01571c39c404/54e07f39/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/6e2baa278f811cca6cb1ff92d7406ca5/56d4ba15/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/2df8d7aa490e0cb8cd035097144146fd/58025224/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/14875a58753cfe503b4a17e259553081/5753f137/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://d110.cdn.m6web.fr/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/77297bcc93d917b7725cd52a27e4cb9e/576f9f3d/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/290c236b2ed74d8a1a1b0c28f0d11d9f/5653ffaf/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/d6c15d1a373b9b27cc7e4b3a2345099b/575eefe4/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/6d16304824765a7a83851c5ebee3d737/55de4e20/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://lb.cdn.m6web.fr/d/c/a/28a1748622166c54cc7cbd54191e2ac9/56f40228/soft/.../dactylo_dactylo_6.0_francais_9827.exe

http://www.commentcamarche.net/download/.../telecharger-34055505-dactylo

http://gerard.ledu.free.fr/.../Dacty6SU.exe

Scan Dacty6SU.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.