home

jing_setup.exe

TechSmith Corporation

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
TechSmith Corporation  (signed and verified)

Description:
Jing Setup

Version:
2.4.10231.1521

MD5:
8fe2ec083affb610dd07fedeae390e74

SHA-1:
0a432568a1732c0a9084e550dad5002098b614e7

SHA-256:
0fb8e8ff8ad34d218b8258a8e3b7e154a85124315b07f1e1dd0db76d5d24d5eb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:06:46 PM UTC  (today)

File size:
6.6 MB (6,892,808 bytes)

Copyright:
TechSmith Corporation

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
TechSmith Corporation

Authority:
VeriSign, Inc.

Valid from:
7/9/2008 3:00:00 AM

Valid to:
9/8/2011 2:59:59 AM

Subject:
CN=TechSmith Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TechSmith Corporation, L=Okemos, S=Michigan, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
023A36B3DFA49AE6EBF2F756D149A3DF

File PE Metadata
Compilation timestamp:
8/16/2007 9:13:16 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
98304:csufeArbSQcDvCuNaDhQD+/ZGzQuJ7kJthrhDTomSdfE/naX3SYWMe3POkHb0kzO:NuTbSQUTN9DQukJtLDg8ml2rzyt

Entry address:
0x1000

Entry point:
55, 8B, EC, 81, EC, 7C, 05, 00, 00, 53, 56, 57, BE, 04, 01, 00, 00, 56, 8D, 85, 90, FD, FF, FF, 33, DB, 50, 53, 89, 5D, F4, FF, 15, 38, 20, 40, 00, 56, 8D, 85, 90, FD, FF, FF, 50, 50, FF, 15, 34, 20, 40, 00, 8B, 3D, 30, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 68, 00, 00, 00, 80, 8D, 85, 90, FD, FF, FF, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 82, 01, 00, 00, 8D, 85, 8C, FC, FF, FF, 50, 56, FF, 15, 2C, 20, 40, 00, 8D, 85, 94, FE, FF, FF, 50, 53, 68, 58, 20, 40, 00, 8D, 85, 8C, FC, FF, FF, 50, FF, 15, 28...
 
[+]

Entropy:
7.9985

Developed / compiled with:
Microsoft Visual C++

Code size:
1024 Bytes (1,024 bytes)

The file jing_setup.exe has been seen being distributed by the following 10 URLs.

http://gsf-cf.softonic.com/0a4/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64161&instance=softonic_fr&type=PROGRAM&Expires=1479775066&Signature=Bm98uvpBz5wjlU4xUy26foXECosWZHpl9BrF1vlSKQQshQJWNjL2S7Q-Nd~dmWEkSE4jbC-nZozCMVireCyiA-qGtsdbCHUEz02FPRazHRLzfcuCqR~5Qhx7pR-w26ieEeiggRFED3C6Z4VwLbe1sKepZkhcwEuYCqsaOPscles_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jing_setup.exe

https://fvtc.blackboard.com/bbcswebdav/.../xid-1928780_1

https://tmpfile10601.s3.amazonaws.com/download77/ic_trackings/5831/.../jing.exe

http://gsf-cf.softonic.com/0a4/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64161&instance=softonic_fr&type=PROGRAM&Expires=1482671637&Signature=MYCB1Hg7B5lHp3vOlru0kErX9tYRDkQKFMaf7xw0YkpCY1XyHZhjpzFZp8Cqw3wCOGQ2bm9zm1yNPcrSegbSPw4BU4VW4PVO0N30WZZO3wBWDarFmAAUNXawTtsY1~AZYL9ZnLttdMEaSOis4QjxUjlTMmifDMt~e1EJ~E2oFpY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jing_setup.exe

http://gsf-cf.softonic.com/0a4/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64161&instance=softonic_fr&type=PROGRAM&Expires=1479968501&Signature=g1JNGV3SLL0LuV9ZD-X1tj~h~mz7-R7YIe-Fr7CnOoMVe0WGBA-Z51Hr-ttepufnvm4ecZa7JgnHApZjYhdipM9UFgYveiypyyTlDG-R5q25dF1sTWW1gtohRAq6w4LWg-SukdbbSzOohizmPxYj8hVf74DXrOuomuDPTiAMnS8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jing_setup.exe

http://gsf-cf.softonic.com/0a4/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64161&instance=softonic_fr&type=PROGRAM&Expires=1478571357&Signature=AHDo2qcXtFpKKcS~uqvBw8LNkqBWTC71Lu8Li1~dxnjPapyzZKGW3LXiBD1wx4x36v~YzY26p~shzTl5Gyxkdo73NYiIqc299NW93FRsPVZ-4RVyuMDSoLlYBFIIcIjf8DoiUYOWFA-pVeeuRg0XnxF4-8XE2UdXJS0voy6lS-k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jing_setup.exe

http://gsf-cf.softonic.com/0a4/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64161&instance=softonic_fr&type=PROGRAM&Expires=1465983764&Signature=Y2aIUnhea7QB0dfBn--BsHqFFK2yljXhXHYEoPLDNany5q2antOk8HbVRlNud3FbL2XVWWSxVs4IVfD2sTGr7kntoOlRAKt96~2O~ejD8CLCKNjpNgb8EzoDnGCjuJkemzhAnIrez5ZVr7vSkM-kpvpXu8vvfF4D4oRxpRv9nX0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jing_setup.exe

http://download.techsmith.com/jing/.../jing.exe

http://gsf-cf.softonic.com/0a4/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64161&instance=softonic_fr&type=PROGRAM&Expires=1454464288&Signature=dSAS6M9K-8lWy9mjj9-Jdd719raVCHIjW-q-DFJa5H8j~1FduyBW6clBRCB9xFYKBb0Yi5oT8b4OXkGInAaFEdV9u6t47VKbbpDvR32dg35YWv6h3naI8zgSHRSexJ0kv3B9Ad76Ht20n~C6BWuf5vROHbdHfTUz7Uk7luHe6d0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=jing_setup.exe

http://download.techsmith.com/jing/.../jing_setup.exe

Scan jing_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.