media sos setup (1.0.1.18 en-us).exe

Mediafour SOS Setup

Mediafour Corporation

This is a setup and installation application. The file has been seen being downloaded from f3.softwaretop.net and multiple other hosts.
Publisher:
Mediafour Corporation  (signed and verified)

Product:
Mediafour SOS Setup

Description:
Media SOS Setup

Version:
1.0.1.18

MD5:
701d80fa29d475ff1092c937ae38b941

SHA-1:
1138b046294c3825a3d7b58c5cc9610dd9faf4f9

SHA-256:
61d4ba11e063870d6c95c9d4e8ad3f75d0e79c9a2e3d1f31fefd22d5a60a49be

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
4/26/2024 9:48:07 PM UTC

Scan engine:
NANO AntiVirus

Detection:
Trojan.Win32.Keylogger.dcbibw

Engine version:
0.28.2.61942

File size:
10 MB (10,472,368 bytes)

Product version:
1.0.1.18

Copyright:
Copyright © 20011-2012 Mediafour Corporation

Original file name:
Bootstrapper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\media sos setup (1.0.1.18 en-us).exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/30/2010 5:00:00 PM

Valid to:
9/7/2013 4:59:59 PM

Subject:
CN=Mediafour Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mediafour Corporation, L=West Des Moines, S=Iowa, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6FB31CAF7DD1D018473E68C3DC522A3F

File PE Metadata
Compilation timestamp:
10/25/2012 12:52:42 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:G6Z6YsS+CU8a6yq0DNCMGcycPnzq70xEGychc3i6hc5qIE:ZZuS+c+HnzQ0+Uqp

Entry address:
0x5977

Entry point:
E8, 39, 2C, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 90, F2, 40, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, E4, F0, 40, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 3C, 5F, 41, 00, FF, 15, E0, F0, 40, 00, 85, C0, 75, 18, 56, E8, 58, 0B, 00, 00, 8B, F0, FF, 15...
 

Entropy:
7.9129  (probably packed)

Code size:
55 KB (56,320 bytes)

The file media sos setup (1.0.1.18 en-us).exe has been seen being distributed by the following 2 URLs.

http://f3.softwaretop.net/tmp/cf/soft/2013/11/ba/.../media-sos_10118.exe
