» handbrake-0.9.4jp-r2-win_gui.exe
Overview
Analysis
File Details
Downloads (15)

handbrake-0.9.4jp-r2-win_gui.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

MD5:

a2adf3469246aa9c05dd0715fd8c3437

SHA-1:

a19b29a1df7b4e0c18ac771eb4a38cff6782f742

SHA-256:

813a6a13d93ef9daa89f072a0e0eabe7db2a024462c5ae2f33e168c9102b30dd

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/23/2024 11:11:44 AM UTC (today)

File size:

4.7 MB (4,889,492 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

File PE Metadata

Compilation timestamp:

12/6/2009 7:50:41 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

98304:eQQaGcUaTAqVee2V38da9PdqpZ+h5uRyz5UnwZdelqs0jt2LL:8aGcUa8/ey8qgDiuRKUsImx2LL

Entry address:

0x30CB

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9985

Packer / compiler:

Nullsoft install system v2.x

Code size:

22.5 KB (23,040 bytes)

The file handbrake-0.9.4jp-r2-win_gui.exe has been seen being distributed by the following 15 URLs.

http://gsf-cf.softonic.com/a19/b29/.../file?SD_used=0&channel=WEB&fdh=no&id_file=61774&instance=softonic_jp&type=PROGRAM&Expires=1477342699&Signature=WuEpju4aBHoRtdAxV4FyzxYWNYEYkyNHUl7XjSg-dCzFZvu7hzRPxNZq9~dgofeaIl0oiIuigtWbQp-P3bRmN57qQ9s8zxf4pTfAMPSvPKoSWP1RZal~qAvVwAFEgfd7Wcn4X9gfX8v2IzL3NUyDxZTDv3DlQpAHp-cRp3RLlrg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandBrake-0.9.4jp-r2-Win_GUI.exe

http://osdn.jp/frs/redir.php?m=jaist&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

https://osdn.jp/frs/redir.php?m=osdn&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

http://gsf-cf.softonic.com/a19/b29/.../file?SD_used=0&channel=WEB&fdh=no&id_file=61774&instance=softonic_jp&type=PROGRAM&Expires=1487607695&Signature=Gt8P6kZhq5RqCYGDMz-ad~9Oa1303jnFiH1QP7hlBRnnQzURSGKQqFxViEc1OI0DFJS3b~n8vV-9QoTpBOK2qy3V-JIP7IRZ18uCat8YgkjoDEVaYmbwOCSV6s6~gwNK2mTMSQ~ScBjaPX8-pmfhD5hEV0uwFRN1e9F~iIIlmnU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandBrake-0.9.4jp-r2-Win_GUI.exe

http://gsf-cf.softonic.com/a19/b29/.../file?SD_used=0&channel=WEB&fdh=no&id_file=61774&instance=softonic_jp&type=PROGRAM&Expires=1476592413&Signature=bJg1CsvSJs0ftr~QGn-FE9XdTEJJLxy8nVpfol8Nc37zCieZT83-sJ8O44AJaK68Oj4X1Vd6GOWKIUG~lib1m8Uls6v7vMf7e0YmAZNawrwU2yEvG1EPIlCCP2hgFBv5TP6C1qUoT0f-RQmv8yGSR-2qrozhUllnwZDrXPi1epU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandBrake-0.9.4jp-r2-Win_GUI.exe

https://ja.osdn.net/frs/redir.php?m=jaist&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

https://ja.osdn.net/frs/redir.php?m=iij&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

http://ymu.dl.osdn.jp/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

http://gsf-cf.softonic.com/a19/b29/.../file?SD_used=0&channel=WEB&fdh=no&id_file=61774&instance=softonic_jp&type=PROGRAM&Expires=1469660499&Signature=R~OWDljUFtr~1J4DL7fHuArJMRHF~--wX31cPE7anBPLUr2wd8ghEMJMWqa-LecDlxrx2dktsLoOaX6LAzHZNbtYVseguDDlSv7cRBB8Sp3yocpALy~RDCgNKpX~Q2vKIxPivwt7TkcuLji7QvdLV864tSDC9Aw0DFSCvUkBCTU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandBrake-0.9.4jp-r2-Win_GUI.exe

http://gsf-cf.softonic.com/a19/b29/.../file?SD_used=0&channel=WEB&fdh=no&id_file=61774&instance=softonic_jp&type=PROGRAM&Expires=1481374190&Signature=MJYsMvSuuiuBu2b1SzejFuO94M1mnBjoaoC6F0xc1EkoxmQlj5PW1YXcmL69AGV~x3gb50V~ZCgZVquxYTDBAVi6IbnV0FfI~1gq6lWFNHJmEnyyHfyvqDUllSK2GnzLks0VF1oTyCp1vmrC~Ssw8dnmVdnXoPdRjVpJ0hr9y34_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=HandBrake-0.9.4jp-r2-Win_GUI.exe

http://iij.dl.sourceforge.jp/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

https://osdn.jp/frs/redir.php?m=iij&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

http://osdn.jp/frs/redir.php?m=iij&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

https://osdn.jp/frs/redir.php?m=jaist&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

http://sourceforge.jp/frs/redir.php?m=jaist&f=/handbrake-jp/.../HandBrake-0.9.4jp-r2-Win_GUI.exe

Scan handbrake-0.9.4jp-r2-win_gui.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.