home

diet53su.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Description:
SFX Maker SFX (SelF-eXtracting archive)

Version:
2.1.0.0

MD5:
f2be68b33b4523c401f051a6f14419a4

SHA-1:
1adcd15d7665c52ccd3400b7d203e4b5b421b1a1

SHA-256:
1568f80c5beb656c41be96e433889298b9ef34cbda4720e2328043c774c7c8e6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:52:02 AM UTC  (today)

File size:
3.2 MB (3,367,624 bytes)

Copyright:
Copyright © David Cornish 1998-2000

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\users\{user}\downloads\diet53su.exe

File PE Metadata
Compilation timestamp:
8/28/2022 10:36:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:lgj3CVRv2uS1kmSrXy2J13BB/4unTx3QmI9JgetaseKM75sqsBDDqD6AOgoIe0OR:63CVRyxs/TTxDM6e0NKMqLSDlOgo2ncl

Entry address:
0x99D60

Entry point:
60, BE, 00, 00, 49, 00, 8D, BE, 00, 00, F8, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75...
 
[+]

Entropy:
7.9988

Packer / compiler:
UPX 2.90LZMA

Code size:
64 KB (65,536 bytes)

The file diet53su.exe has been seen being distributed by the following 5 URLs.

http://gsf-cf.softonic.com/1ad/cd1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69501&instance=softonic_fr&type=PROGRAM&Expires=1445111974&Signature=LDH6k5ElCsBp5MAo76z0IKd9b6wSRRb5murgRrH1DcXHq~zPz8DhziHIpgJ2Qpn8ie6v8wJETq-YpJ0BMg2xeeYvxGEIAET9N~wV6OS1mEwtExeDn~XEuhkpvqSTr7u1GmXQOBPpyRfg0k9um-eQNpoBMM-kJ7~1LB0zED3fod4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Diet53SU.exe

http://gsf-cf.softonic.com/1ad/cd1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69501&instance=softonic_fr&type=PROGRAM&Expires=1434972159&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=TAebvikbUDb7yRsxFlesmjfX3iMaBaDOJ1iafLs4P3ketr8bR2YwPa42DSNGGpnIODatXVQqxjkx-ndRjOHwXIEP5HkqH2tIcA7SMMKx-aetQRWHdOvb7k5Wg4oTWcB6stT-c-8BaodJeS2o70W3ypXeXyeQAriUtk5bfHOi9wM_&filename=Diet53SU.exe

http://d110.cdn.m6web.fr/soft/.../Dietetique_5.3.exe

http://gsf-cf.softonic.com/1ad/cd1/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69501&instance=softonic_fr&type=PROGRAM&Expires=1425038954&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=RTrLcmKYquPgLibS~dpYZI752WcfmPa5j9WtMknBVm1WtV4iD4L9gyO4oWL7~xn3yPTJPiw4Y9E~tLjVO3lJlHL5tHqSNFeNO57vxY9bDJ6utRZohT-35DsmdqOGg5t4SRLEu04ovCvfeoHa-TbkfTxj6kz4isMB-L~kH7j3zi8_&filename=Diet53SU.exe

http://gerard.ledu.free.fr/.../Diet53SU.exe

Scan diet53su.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.