» myfreeweather-224-windows_softfinder_com.exe
Overview
Analysis
File Details
Downloads (34)

myfreeweather-224-windows_softfinder_com.exe

Setup Factory 7.0 Runtime

MicroSmarts LLC

The application myfreeweather-224-windows_softfinder_com.exe, “Setup Application” by MicroSmarts has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Setup Factory installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

MicroSmarts LLC (signed and verified)

Product:

Setup Factory 7.0 Runtime

Description:

Setup Application

Version:

7.0.6.1

MD5:

670c08e14d47c9fac4aa141762451a72

SHA-1:

a5180712de2ad8d11f955f6772d5da790d3dcf9f

SHA-256:

e7ae9cbfc73166a0aa128635cff573140b5f5b88d72938fc6fb1060611e1efc2

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/19/2024 8:07:21 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Installer.MicroSmarts.i

14.4.29.2

File size:

9.9 MB (10,387,752 bytes)

Product version:

7.0.6.1

Trademarks:

Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:

suf70_launch.exe

File type:

Executable application (Win32 EXE)

Installer:

Setup Factory

Language:

English (United States)

Common path:

C:\users\{user}\downloads\myfreeweather-224-windows_softfinder_com.exe

Digital Signature

Signed by:

MicroSmarts LLC

Authority:

VeriSign, Inc.

Valid from:

2/4/2008 12:00:00 AM

Valid to:

2/7/2011 11:59:59 PM

Subject:

CN=MicroSmarts LLC, OU=Software Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=MicroSmarts LLC, L=Olympia Fields, S=Illinois, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4116F6D6D2A3B2F02E5B11703B9B4CA7

File PE Metadata

Compilation timestamp:

1/29/2007 8:17:00 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:xv5SWIlCnRaPtTjHS3OyxQtK8cpSQON/RDTzybmp6h/rrypsi9y4ZkJX:152lC0ZjHS3YQONViqEprrxYyJJX

Entry address:

0x1E64

Entry point:

55, 8B, EC, 6A, FF, 68, 78, 61, 40, 00, 68, 94, 31, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 78, 60, 40, 00, 33, D2, 8A, D4, 89, 15, 4C, 9C, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 48, 9C, 40, 00, C1, E1, 08, 03, CA, 89, 0D, 44, 9C, 40, 00, C1, E8, 10, A3, 40, 9C, 40, 00, 6A, 01, E8, 07, 03, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 77, 1B, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75... 
[+]

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

20 KB (20,480 bytes)

The file myfreeweather-224-windows_softfinder_com.exe has been seen being distributed by the following 34 URLs.

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_fr&type=PROGRAM&Expires=1484640222&Signature=JQFqRtKGVQ2RGQ84d~Py6gGrVmM35FVIpW7Tnthg5mG63SwekMdkSI9IaO1sXICDILadgWsWsV-Wv8PUZazvhHjq6TarAB1BIDEQzCbeCMRbpP7TWUEdeXlkxfHxYHD6sFt9TC91DY0SPw3~Oy0dknfS56I8RveelLpXXnxPAoc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://files.downloadnow-3.com/s/software/11/10/73/.../myfreeweather.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1486491423&Signature=GKwQITQ4E9gmFeym5c1Fcuum0~AJyWsZ6JosHlcgo61K6ja2piQ6sl1yu0mmAvXznYAOm6vSEEeW34hJIt4bEHEAVV-6H2-THTWgMOgj7WW~LpQpT49IugD~yeJB84jJ0bnDCcD~klREMIHXOeMTOt88y~SWMW4qPnNWpuMqcdI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://dl1.jetelecharge.com/up/FYI2Yi73Ou/.../myfreeweather-2365-jetelecharge.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1476852552&Signature=h61CJroat4r-EdO89dFZyRdQ6zgmSfLY8iKUT3XQhWGMX0N2PIJepPIuM9JnnetSWLRCNUsa6kDdxW6ecEVpMuXHEwCddXjqgtbYCnsom3wIdLibK5HpynqjtjAo4JzxLkijUgFSFPGi4gqGSLbQb5mFaR5ZIuF1BLHp9vzCWxU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1477407159&Signature=Y0iu7wrQYzboHoOXU5HDh22XUcAUmfNgdEWw8lz3WgpkLj7baw5pcuopbMNUF3W4K6muXMON-9kxYefgxGrdXmKc3PU-DGeis3mJri-oNxhL4T1kLFpAEL1H4IScePkO2bL2TazC6XQ0ErQ6ovVdIUvp01t-ptVzti6nnoCEAf4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_de&type=PROGRAM&Expires=1445069416&Signature=eGySxLZefHlwimYj9Try6HbWl8tfAsyaH~HJp4eJ40WjPGNBdz5C9NrSaFdRACW7IQn-KSISO3VNOrX5abdYncDDhL-PZrkpRExdS8~a5aqJjB1qVZom7yE~-UaioYiwRif7aw6OVYX6cSAfV2MSvqggOziWibID-pD7RN999D0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1470087221&Signature=ECy4mjOhRE0xwf1ECBCPfNIIRFqok7RK9AxChOtXUrvIGFb9boZrwWmoaNdzEHfdn70T-7NPtGQ3GjLf9zYIWa63a4kP69TUmIxVnYtXkUkzA9f3wXPiebyrPrlJvk2wFiAWReqNvY3JjYAAraS-K4ayvE81oKTZ7wCa-Z9grEs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1479770734&Signature=GByTM6anDclMQCi9iBVjR7TK2M37XBZ984nPRjW47b-rlDULkVrB3i3yUulrAZuGbsw9JFCpiIh0aQrBDZiXgq-3jSec67zL0xP7KaWUHwWilQZUHF0RB~WVZg783YlBphxLA9RfkeoqvljYCluq~zyXsjx4eefNyo2O8d3XrV4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1466880459&Signature=iImcCV1rIv2zqyhDiIuCOT5HfUSPe0iOGDbxrtH6xJbwNqMgKtVlqitzWL4zS7-hEGaqNyLLTrte493zCgIJyu9UWX5J-MX8tPk4rkWdkBLnoYfD~qXne6O4yKaeF4wYFihZvcWEwCq1KFPsNI~YCOm-4eVmtlncLUfr9TYN4ZA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1477258555&Signature=W1PdtBgRqyMgcnRzpGbmTAjkxPb9T4aBhh1ejau1wXR7BYB-CWqfj3rSjaQtBJXesIACAXwvsDpKeGcZgLewVDlVpTLXp59srowscrKb9nRLwCNJtxoHXKQ-92jUREpNfzCGW6sp~llipT89MJzuSTi6RqNLtBbVyWeE-XjH3zM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1479625748&Signature=XukRD~BJqDujR-wMMQu-81s1Ds3OMyC9z8D8Bv7ypTBRdmhNF4gkOBGvb~Nz6cVS4modi-PI2-E6aoDwnUaVoshKcfksgzr-MYLWX4qndus3gNDnBC1FK9RFe7KE2uSm9aswGPp98Y5mhMrp7kemmY9y8z7HBteGsd5Vunxc2CQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1480647516&Signature=JoET6a3HSMJBnsycXFlM1tu44dxPZoUXWIW4BCtvq2DafYuLMGiDrIHe5~wv~YomCPAPcZVgUAKMQJdakHOx2zDptdYfPRGQxIB2qU4CHuMVXxuTcSjBVGfEMFayiTs18caX1uJiW50nr2tdqwJFjyxhSQoea83sgYLHP2MCyCY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1476209226&Signature=My7EBIqS0Wcwy3P-eV1gwqwcuoLSYlO2CzNhg-v6N1rgVUA53oZrlU-SlVE-T1MkzBHbisriJbOhoQZsV8uLiePEyBNunBaX2QWgMpFtgxN3JJgsc4hTQlJ6PbYtop6jJWAVcGhwlBhuFdHBeLApbXJW1rfwG-o8KrNo6un4240_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1463175754&Signature=RbG1FISh54smMvWrSicU0zVqzD2O4CtzkdI6wZuMmgENa-4yIOaqeTKdcE2w8YGTuU6~VAizMtnH1DxA-Bf-OUu691-bdoeYZG7opbZvA-OayS28ORGbJ37mazfavtSo1vpujAhnw4~hr5ikzcsPpLgSZdjTpWF9eknxJPbtHF4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1475881572&Signature=Fd6yIIyFrpUR~U0SnhCoMU6hA5RknJPbnJASlntq1T8lKuxh8iOc7Kg691PtLllFRQrpy3wldol9Vp7170Jzed4edIPZSD4wf0rHsww~4X6-hKT4bYPf1Scx4eiKYHLuEdDcG8~Eda0~30A7eJipar-nZFCyBv0NDuGSDJ6AgUE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_es&type=PROGRAM&Expires=1475226969&Signature=YXW12jm~a1gA8pRZRPxVl1fTSI9i92tcmUD90TSd~QMNCcozntTQFOozc30p8afJMwkz8kkF9J9SKgDn-9Of4MV5CoszaJBj1GnmY2oyHs4wdgRYaEyO7Yea5MeMzDkQkKmeFFkXN2DiJgPnSdDICO8j1XhCzQEZh6h~NiO8A4I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

https://dw.uptodown.com/dwn/7iOKcQ6-pcGQg8g5Y4j18chxOP_RUPaRppbbUfnXk33ms8dY9LYMxJ2q8tWlaXkBHFL6yQ1TdxQbD8Uu1A5QK3Bnkx3tGnC8WY2BKl-6rg15CvoZZHnr90XFeeosn08E/-cm8Abo_fnuBnWJOOS0eiFyMkCZfnjIs1OpsGlFZNq8foxXka98jf2tN2mp4ehh3C_A_j7QCGYSKRGO_-S8xOxrqb_UA7cqGScjNSo-E02zhhcssXxbQEkMtR-NOvlZx/MtPURXS9ES8Oo_zApa0zzMKq0l3_3UcbCzBgTL9HIarFn3xSPv8ih48e0OFW7V7GFRlSv4mAfZNlCSyf3XpPvaP8Uh4WYrAeg7IlegV5qYOo_IVekQeSZ__eQA_QiCis/.../

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1467981288&Signature=bAEFRuEfNfLABRhGXkzh5gqXUL2p2tWOs081AZXDSzT3WIx5EnncEs4Fn~lqJBWR6M6FFjachL5PU3enj8kxrQsIQkJ31wHkdJ3AVr7~a9zg~GjG3F6K-Yfrnd4TBEsn7V4QjqW7RewXtxsIsIDnod93r6qpBNbtzDl31D930cA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1461069781&Signature=EDhQk~XuuBJMwfYR9R4e335RzDTNRFOXUUWOvz9AJJspvJuygvHny9fgV47lFz4iXyF413aUr4JNJUX8a8z2Gm6-FTKnMBluBUIIZcsxvPNMGlMrWHRNaPvBHCSTQZdld96xbDNEllZ7qp1y3tk0bm3pY-sQY~-PiyQSfzVR1c8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1458169331&Signature=iavt4PNBTPR4N8rpfIirsPuBxorWTIFaQwrJEFfefI3-xJ-xMJ3cvaQIo0jTRqGAyAJMfYaaFTGeOwux6AmLxMNUaISn0bnijEsPv3NbihtoErP4p3zFuH732N-IxYGnefrA0gLsroWEOPHH5O~HtlGFU9v8zf3Iv1xu-iUaDqo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1466912202&Signature=S8~S4iqHgp17shNZnTyiuXytBSoUJLF00J3P61y6B01JRtviFEok-5qFlufnS1aPhV4r4CRHEkfbl6Y5jTIsgt1vHoOPx3nVt~KH-vN-js~hSSe-pX0hv~6Pd8wfMz7fQTCKkYlAu1O23yVelAhOmeFXGbcMUrh8UIkHsrr4~dQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://www.storage.programosy.pl/MFW_[www.programosy.pl].exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1450478283&Signature=SQSQBrznAlJKJNYf28RenKbocr5QZm9CZe~ehArEuI7qS-x~JDXCj5~pc5pDzjtDQAkOlPfbBaa7FGVWSCWAwF1qDa-Zc9UnFwxc9usBmsnsOp7sXGzcsuDP4mvB-IFZYkyE8IqBB5k70ZWwaH4--EyaWZuBeXHtu7NJr70yq9g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1454879953&Signature=hCmNUG2MkMBa2y2e7YgLV-NUW5g9G9lG-MCsW2Yc6Nul00GdiL~syMZwP3UzPe9l~IInr8w~Qw0HxN1z6H-VR39hzmJoqHSOh-HZK1VxP-YIMGzE2wL2yIMbvKwzeMPq2BQP4aNdzM4TvXIKd8LkWjvRYbbJy1Cps3JNM7Le4NA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://files.downloadnow.com/s/software/11/10/73/.../myfreeweather.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1457899046&Signature=f6Mc-HCKdbR9zht7ux05BlwUeDwypA~Ohm1PymHNkxqHX925Z~7GSsWlq1phPBsK28fVl62OoW975qu7JrHeebvJ0AlY~Sgc0g5uvPeAz78DoTQh57yH2~3Zp3ZiHz7P~i8OSLWvjzIBwCTowdVDYL3H1V424-h6Px5Hlvfrxhg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

http://software-files-a.cnet.com/s/software/11/10/73/.../myfreeweather.exe

http://w6.mien-phi.com/data/Soft/2014/05/.../myfreeweather.exe

http://gsf-cf.softonic.com/a51/807/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72149&instance=softonic_en&type=PROGRAM&Expires=1451337114&Signature=WWJ0SnlOTtUoLW6hjceLtcqaWfygUZcOQpz6GNCr761vFSr96ARXJB2DQFS9gSS-QXsImv5kQxeoD7iQzgq3nu9sVlNbDREZ9f3ngeqEAlytNmeg-W5iQLZdsrGDnpq8Nm6nkrKhIZWkBn~2eitof6JiZ2WkqWGx6q0PX53aylw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=MFW.exe

Latest 30 of 34 download URLs

Remove myfreeweather-224-windows_softfinder_com.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.