home

freesofttoday.exe

FreeSoftToday

TUTO4PC COM INTERNATIONAL SL

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application freesofttoday.exe, “FreeSoftToday Setup ” by TUTO4PC COM INTERNATIONAL SL has been detected as adware by 26 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from dl.hcuoteno.com.
Publisher:
FrEeSoFtOdAy   (signed by TUTO4PC COM INTERNATIONAL SL)

Product:
FreeSoftToday

Description:
FreeSoftToday Setup

MD5:
60ee593762c7bdf7cd7636c3ec4468dc

SHA-1:
edfdb667c3d9d9f5f51619c13a8d504165f428df

SHA-256:
874ea7343ed50be005061d77d549bdad1febf51878f02ecda478d29b73e5bb83

Scanner detections:
26 / 68

Status:
Adware

Analysis date:
5/12/2024 12:00:35 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.OKR
369

Agnitum Outpost
PUA.EoRezo
7.1.1

avast!
Win32:Eorezo-CM [PUP]
2014.9-160131

AVG
Generic5
2017.0.2847

Baidu Antivirus
Adware.Win32.EoRezo
4.0.3.16131

Bitdefender
Adware.Eorezo.BK
1.0.20.155

Comodo Security
UnclassifiedMalware
19146

Dr.Web
Adware.Eorezo.31
9.0.1.031

Emsisoft Anti-Malware
Adware.Eorezo.BK
8.16.01.31.12

ESET NOD32
multiple threats
10.7.0.302.0

Fortinet FortiGate
Riskware/EoRezo
1/31/2016

F-Secure
Adware.Eorezo.BK
11.2016-31-01_1

G Data
Adware.Eorezo.BK
16.1.24

Kaspersky
not-a-virus:AdWare.Win32.Eorezo
14.0.0.732

Malwarebytes
PUP.Optional.FreeSoft
v2016.01.31.12

McAfee
Artemis!9DD1DB4CFCD6
5600.6503

MicroWorld eScan
Adware.Eorezo.BK
17.0.0.93

NANO AntiVirus
Riskware.Win32.Graftor.dbzums
0.28.2.61349

Norman
Adware.Eorezo.BK
11.20160131

nProtect
Adware.Eorezo.BK
14.08.10.01

Reason Heuristics
PUP.Eorezo.TUTO4PCCOMINTERNATIONAL.Installer (M)
16.1.31.12

Sophos
PUA 'TUTO4PC'
58

Trend Micro House Call
TROJ_GEN.R0CBH05GU14
7.2.31

Trend Micro
TROJ_GEN.R0CBC0OIF14
10.465.31

Vba32 AntiVirus
AdWare.Eorezo
3.12.26.3

VIPRE Antivirus
Tuto4PC
32094

File size:
3.2 MB (3,312,040 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\freesofttoday.exe

Digital Signature
Signed by:
TUTO4PC COM INTERNATIONAL SL

Authority:
GlobalSign nv-sa

Valid from:
6/3/2014 1:55:26 AM

Valid to:
7/28/2015 5:19:10 AM

Subject:
E=contact@tutoriales100.com, CN=TUTO4PC COM INTERNATIONAL SL, O=TUTO4PC COM INTERNATIONAL SL, L=BARCELONA, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C8382D4ADA7C0F9495915A4D5B4D8C97

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:BhI8Cz5SxOnPd1Ba9zCylqbpm+zPThMIExc9jamM:k8mSAPXr6saT

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9975

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file freesofttoday.exe has been seen being distributed by the following URL.

http://dl.hcuoteno.com/download/deliver/678543/.../setup_fst_ca.exe

Remove freesofttoday.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.