overlook-fing-2.1.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
a35c6f349dee13b95ace7ab51e9ad3e9

SHA-1:
ccd3ae0a1d980a97cd847498926735ca0f38f6c9

SHA-256:
66fe15ecf3e8c5f0873592159cff7c3ba456673a9263e6d82d7470b6fcd5f415

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
10/18/2018 8:47:43 AM UTC  (today)

File size:
3 MB (3,145,894 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\overlook-fing-2.1.exe

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:3bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbBbbbbbbbbbbbbbbbbbbbbbbbbb/:3bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbx

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file overlook-fing-2.1.exe has been seen being distributed by the following 34 URLs.

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_en&type=PROGRAM&Expires=1465516227&Signature=Xji4ta~Mx-iWYbUTSJyEuudUodB46upshcbQu4HhBMzazCmwhafoG1u7HuMCXKEMpE0WHI6szWt7S50u0fdpd~4y70JD7tFzbN2uEY4~d8dVSS4xvvbvW~~0j5Rc5DOlbldsWWc7~cK9ZKkwDePYGK7rDyyEwPLe2BLS16rX5F0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_br&type=PROGRAM&Expires=1477287655&Signature=BeQfmjwlM1f0rVfy1GuPIFH3NmZ0Y3siHAltVymXFhQDCFYtsMe~VwB0Ey~U1NYn-h26rbD1FhA5HMVM58rgwzx7Cqu-hvoiXmxICVoXZUtr7DrvyrmBxS8gO~mop5ULR-bWiGSfUtP8HdaLLRwTkzvijw0hB15ragiTeNvjlus_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1424498471&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=dYVfDlVvy6R8ppuPqFBAiegtjEVYLBrUwkDxbyz3pbVSXiEJnp9BJQTDlhVsSDycnLWFUU-UQQE1vEJ-yBHNOZdsAeDSWYp~VO5~YBipMKy7PTJEtvmzgb2n32hudHq7GWQnmwC~RDUga79wNNKYFpr2de~pR9bT6kpwO2-~XLQ_&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1478738688&Signature=NDuR9Xuav9BMvr0TNRul4Fd1fD-lUqMmNx~kS40Uj5YPyz7ZtDe0z540Ez8EkbUY9M89a092bNPQDiLxZiFS~TYqnsCmnszSbchovgV35d0wunpADpR9AGkd3TRdO-5sCuWDvfdQQ3KXVeCvpbhVzY1yXRT9Kv6Iq3eIm4D-nls_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1480140643&Signature=co4xqpZSHypMW84V3VE626LTUlvXgz5P9jmpmBq2885pdBlMTqAoMnc3KPtsEnSlxcwT3w7UfjcGAUyIalgsgRLLqClfZNWh~dRK49t58N1l3EfpNgfYQTbOxswheUDY3DKuIQZAfzLB4aHIzG6J6lkmrejDL0ef38~pG-iXmPs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1474305559&Signature=AgFTdBLJ8qVfr6gfZJQnU2hgO4swmUNVzRFqhjb3ptbQPx-ljdo6-YPWT~i0obRhWCGEHPNT-Uyp8rQ8VMn3WkNrkWPBmUF13XpRhta6-w3IwH~ot62JbdnC~RFOeJZoOf1nw3jf3AgPyXnuKbX~Rs9co2c1P2yJMC00Xu0utSY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_en&type=PROGRAM&Expires=1476395576&Signature=ZGP7kD9opFPGFCAo5sRCf036wuw8lP08QTs8lWpUjoHW2k5SZmbtlLrbYCfQoQDqnmZ3Dr2OkOZ1p884cmNEBsW5gaZ4A9B4qSH0JHfWBKm7M~ePZ7q6e-nsvMx21hSp0o6n6snI~5NDnqdwvZZislWzLVL5tm82ybI9nbEYYNg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1473450932&Signature=VhHcbA7L2SEYNNICC-p4yBTXIx4pv7DfR-hnXKDoHDl1~FQmMURGJybtCuPLEE1Pg8BmNXbvJauTI4OQzNnToCXQBaZRAEhZst-2Ecf-ScqHYvm1V5kDlqv5JRqxfAHzrbSrCyLbA8KA1cGiH9CB9jMLd5OmXzCnSzpIN5R6lRg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1477826916&Signature=DrMnAc-ggUXJiC29c1h8MTmq-fytVxjQqK7yw3cgCIw-ZUNJ4c4l0SsqsZ8mBarJs2RdJlMhPcnCYiuk4wPaWeoXjVBD-VXJgDuUbbiHgdzkAD-bBUhucfi162W8fACyQUC1svVGt4OZLSXNhpN~Jas~ixcQCGR26ATrZ5xUi-E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_br&type=PROGRAM&Expires=1465774688&Signature=VhSGTbY4h2Y9KG3MdlkcEYp6cpuuVeGiLGqHZwQLu4zHgzzELGZ09Bhktvw0lbSa63nHewJVRSvr0JM-afbVLJM72rqeLO4mK3jSh8ezC~Qu02lrLo39fs~wBGE9FCN2uf-m6l2mZbqUMEyVIXBhtyAoIu0pM24SbGDgAnBzNJs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1476411999&Signature=N2xE5f6rI1zai0xh2IjLyrVeY9DrFJbPG4S4NWQ7NK9tdkHnxus4xrfgmHNMdvRlb5s8p5zNO2cQHF~I7c8SqURQsq1rGs9xGvtrm49Yepj8JAfNM-zZh2GS9wMWmwR3~FpXdedX~uVM5oAO9TjxWnu-JtAq-N~PTY0ymtAOhvw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1469408515&Signature=Cajy~dsHBgWxEnvDx2A0nXMQqVui3aUFwNhUC~1fwYrd-VuZt-sbpfnKS~TD~i~zczbQtavqi-j9A7BEan9jDWcCbcQPC4XNe84fOLzkmP9KtoAqynP-jW9Kk~vgmfwirF0G8Enuiis4z1oDmSJhQeOAJ1LEzCM4mXRQtJW~PmA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1479794483&Signature=HnC84GD6u1IVI2d7JQD~dhu-fdmeIAGYEaq1Q7fNUwIGdT6s2YWdjbyyka8rhDEEDGAsI5z9dcYHxbzOrUmbY-E6q2XHDZwanc428ryAQQl1LKeyg~eH0f-AgGv1rIN57cYmx3lPqOyTdyg44OE9Sc5qFFV-AtM~6njupax2sok_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1474355506&Signature=DzkyGs3er5Pf~GM~fRI9y~HHOV2gGJZ8jwKuF0lLP-3wdKca7rq1kS226FYHLkphQu6I4Mi81GMzXH5L3wwNgV8tRo95fQH~1CtELoVQpbQ5aB61qwlL87CrFobLnY6NW~lk-sF3Q05d6p7EW5SryE8Bj72XBYloH2MAOaBicWQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1476540008&Signature=Hj4vg-WV0KbsUVscPAqABe~cqkbT00cJKOJhQwzGZs4tKmH6LT6hrH~k4aspWZfviQEQYrxU0ZrEb4hkS6mBWjN0AQhGTVtoHhfPMtAH0sHFfiaYVre8qbhpixka~Ox-NLLqYinEI7He8j8Q-L0zDE8lJyXFkUyOfd253lUkdcM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1475496827&Signature=PLIGAYxfuh5Eu08hHral0E~EAB9j4yAZBIgtM6eusREWhVY53Gx~NxYR4Vaa0huYkw0i64c8iEzyQPYd8I~NjY0f1qvbSltaU24b1R1UgD2BjFMrQMvdXwiIDbjynOqu71fQf289-Mn-Xru0VIcpq70r0i92~huorkcYd~LBlmA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://ec.ccm2.net/es.kioskea.net/download/.../overlook-fing-2.1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1450336728&Signature=NF-TO6Qq1ymhsz9nXCEgMm~G6Zto9LrfLFtbirHaSf7Vn74iesL-R7rprEAydBkyiDeHuyWCX6byUWk6NUIOcvEOm92SLTY5CbYDHV2crLpARikOTUIQtVCeNdXLt6TNZhrxmssdKbjBJpqoIBJg1XwKdfOGn7Brx~ebqgYwbro_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_br&type=PROGRAM&Expires=1475749233&Signature=epogKHVGpCHsrmX1cErXLvQ3B0sR60WWcUwZSC-Tp6GQWoU5CBFDZQsGjQyhwprZwq35PlDgVg71rUzLYRdTT59-bG4AtDWE-E25gNl96qjSNes~ZD2BvP~K0eRJlz1NONgM-5s9j~Y74Ngsv2S6sEY~QTl-ihKHfmLZzksKNec_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1439918691&Signature=VVnnGaLyhgbTQ2oxXlZ5Asalz-hWC2gU5zQBQffvAKW8plzkAv38x1~5EW~qprhoEzvT8pO4vh9mCG~YURZ8Wdu9rx4lgoGCzdw6SiH0ao0~qhYsyTKLSK7PKDwtsNJsSsEwYEVvzNgKsWG-qplS-4ek9UHs-KCZGtve4wtScok_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1437206757&Signature=KUP~iiL9q-nem6SEVCXPblGZSM~qVdUNX64sE5qHEz-AebmU88YuRhvD-OhNrznxo-eRpBbr7mezuv3Qzh5~Naug8--AcXzbDJcHBQ7pzP5FdPMO3jwTJNMQIHLT5u2z8LOFulXQdY~ksFxa3ZgsWaTR2sGuGe~5~XsJclxVaO0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1470751229&Signature=NfE4jvnHFBQUx8BRAqRRr4vhRKPqFGzwQF4XCWu4vWXMkzUGWRAzxCzxVMQk5isNhR0y7RTFri5zQXt7xhwQP5PPHv~whK8Ul~vZ-YF2WfnJTeLBwDuF6Td~CTmNF1rwI9KdOw-y6sJP~HqjkCxnbVAA~5GbiVCUBOXKo~TN740_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_br&type=PROGRAM&Expires=1466245472&Signature=WRZ76Ww79pbL4gPIRm4Tmv4W703TW~3KteHtWimTLyZnLk0SnkoaWxevllTLQ~mWpP9JnsJ6GtgrLOR7uDqlReF-F9PFpIz6-GhGGsPHuDjYABVIUZN4qIriFFbx842aL6RREIbpobAb0iv-JJO8~gqZ4DaVEaHuskYrSYvKkh0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1470722896&Signature=Aha3o4QxmC6Y0T7fsfSIGKF0ALhrEOBSgBy3GDDF2F7GiLk0jsmedVBtiipizGxYPKLqw~OIZWAsGqkzKyvMcNVLLPmixPKtVxpq2PuJDpPxoUdTs5L-0QzLLOjIEYEZV0dEWu9d1Oi8A17TcczkIXA6k5HOykqgHJTU0YbhBVs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=overlook-fing-2-1.exe

http://gsf-cf.softonic.com/ccd/3ae/.../file?SD_used=0&channel=WEB&fdh=no&id_file=82817&instance=softonic_es&type=PROGRAM&Expires=1421228465&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=X4K2Kw~UP3Tj3aIcSGMml4WU0QdYJrQXDVFn40xejli4zM0bx93bNIy2tjWGZscMsuPB~udkKz1-LzKqoA~Fyp10RpRFSoM11HjzDaAsVxNrptcjZ4O2neq-hmMBIS26LoNfQ1U8FpU-1Sjo4pLgAz9vZXB2qeaLCYAM8qsC0hg_&filename=overlook-fing-2-1.exe

Latest 30 of 34 download URLs

Scan overlook-fing-2.1.exe - Powered by Reason Core Security