» polarbowler-drm3.exe
Overview
Analysis
File Details
Downloads (35)

polarbowler-drm3.exe

Wildtangent Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from secure.innodl.com and multiple other hosts.

File name:

Publisher:

Wildtangent Inc. (signed and verified)

MD5:

4c735631afaab2f5a6e9d2691a0758a3

SHA-1:

580ec4b12d52e047713031ca1ded1b2d2ed61881

SHA-256:

9d9b89445f93b53a993abeecf18ab9ce42c0df60273242a1580784ffc3f3a6be

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 11:57:49 AM UTC (today)

File size:

8.5 MB (8,908,456 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\polarbowler-drm3.exe

Digital Signature

Signed by:

Wildtangent Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

3/15/2005 5:29:57 PM

Valid to:

1/31/2006 12:11:04 PM

Subject:

L=Redmond, S=Washington, C=US, OU=IT Operations, O=Wildtangent Inc., CN=Wildtangent Inc.

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

20F9B0

File PE Metadata

Compilation timestamp:

2/7/2004 12:26:28 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

196608:sjeJoqOBvV7fV1OBR6GT7xC1wqUa5Ej0hVHHmarMfBrJS2TDTlTg5bm:AModBvV7diR01Nvi0hsarMprJTX8S

Entry address:

0x4048

Entry point:

83, EC, 0C, 53, 55, 56, 57, C7, 44, 24, 10, E8, 91, 40, 00, 33, DB, C6, 44, 24, 14, 20, FF, 15, 2C, 70, 40, 00, 53, FF, 15, 90, 72, 40, 00, BE, 00, A4, 42, 00, BF, 00, 04, 00, 00, 56, 57, A3, A8, 3F, 42, 00, FF, 15, D8, 70, 40, 00, E8, 8D, FF, FF, FF, 8B, 2D, A4, 70, 40, 00, 85, C0, 75, 21, 68, FB, 03, 00, 00, 56, FF, 15, D4, 70, 40, 00, 68, A4, 92, 40, 00, 56, FF, D5, E8, 6A, FF, FF, FF, 85, C0, 0F, 84, 57, 01, 00, 00, BE, 20, 37, 42, 00, 56, FF, 15, 80, 70, 40, 00, 68, 98, 92, 40, 00, 56, E8, B4, 28, 00... 
[+]

Code size:

23.5 KB (24,064 bytes)

The file polarbowler-drm3.exe has been seen being distributed by the following 35 URLs.

https://secure.innodl.com/.../polar-bowler.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1477193331&Signature=G9tym6DfNzkzHxkaMltVwzyHeoj-zyV73PXI377DPEJOZp6IzBg2Rd3hnfX~yhzjxc54qtrZkmFBhFuPmlC9ovP66acUV1ljU1XhuLKYnjzxqq7f~k0fi739kYgr35xLmq5F4zMlKrPTk4piBFhdesHprW7AgNfiVWA1VxMXiNU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_es&type=PROGRAM&Expires=1455694603&Signature=XWZGojNOz7GXE2o6A4NmIkm1fHLj7Hvo~b7kmsV9AWr~IylkCFHQq7f7QsDLQvV3snCr4YXiXll~KIvMYqqQhtuny6ywpelZ7cSb1wJtGNJMI5JM9rA~zlPlXVBXL1WKMrMXxOXIKvdLD0v-GDzEOWNUJ3TJvGrul7UefDWrQeI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1471762359&Signature=KuY6w2JDRWBNuBi7IMiFj8rRODIBDgax-Pi4OBi7tL52yp8McCtVZ1SWs0RDjmYytE3ZCRbJDYHk6fWBfSupC-qSOwaa0anPtSlJn2C0WeCLNS2WCX5xfzqxu~2bmq06snh3zo2zmazk5JpK94oEOiO3ORrSia4IXcS0AdtJjdU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1481387246&Signature=fo0O6hAH6YZgcr6wXK~Wp68~oMkDnrPp0Nq-oV7lw9Luis2S4-TR-yiDPpL5fY3GofZTuWfD1ArwbYZJVs8YBAgwaqwCK5aImnhyfSwjZyGdeoBSs93FE-xt2g-buoMHeGydaRCgkLPoL5B2rp0OfueEoYkLqtwmU26eVvDL-O8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1469150177&Signature=cDOqr7N4qUgnzF0KulMWSQ2TdI2SDk5y9cz0uKas6lZGjbCydG7QKTqwB5yvE-mf~eitnvSQsZwuctAVhTqmHo6WL-nVpm1brckeSfT1cKAnvLGZSIQnkrApsE3imdsYvRLsKmjR1SGqwjtZh5Xhn4WcoKy8JO7kCIAW~CD5jXg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1453195701&Signature=CqOMEbrr~x-L7rQznrgi8Fdtz5-WV-F9zwQxnZ5cHfHpAJq5lGk8A2DA~mwnGDpu9xEjCRJu2kskPj~cD5UMIXx2HSi5YjHymSMfQ7YwKHAxkErlatXobdECaj8jRMU479EiwqXhyBo0vO0yDz2gXfF7MMOXSPlMX019U32-1wg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_es&type=PROGRAM&Expires=1479731296&Signature=Q6mCya6anLuRuQMdHniu9b7eMBrfCm4OtmrxtP01crRp5-67IOstcxt8qqjhm7~qIrXSD1YScjZ3yK2p-9~SVI05zu741S5mvLBTnIsto7PzXY4byy29noPUpYHhFH9EVhklrkKq0PLQS0Ss791x~SurpgS~BOffD0rBwq9rjz4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1468514721&Signature=bq7IQRWZ~~79YOE~KAt6Mc1qILZT6VV3Yg4tI8P94MdYqXxzmpLogxpYnt5A-DWW-Z4mumaW5CgfZTokehPRWA48nYjVRERqnuG948pe~a66Ci1ELF3BMjP79tQD1h4~ThG8d8t6u~7tC9cpjoAL17-wiOUiYtsboD8KOlz2Q3k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1459311937&Signature=Gs-eY2jBnJQRgjWtvVr-hCHqm87NHEooLWU86BSJRTXZjQpi01-cfY1GeU3EFDcYSFi3sgr65mZEEJCOsty3IOSbLrY077XEn44atw~naasxJDrzIbGelCmK0AuphWbuxIaA-3hCJYTu~vM5p6uez87WwVsoVLFnzL9PeHxZdkI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_fr&type=PROGRAM&Expires=1467362157&Signature=ZsAtDScxJBc-fibV4avD8hJrXGo-Ohdsuh4QiBgD7EwVJpt5FNrx-FFUckwIjoNnkRUYDTmjCz5kzD4uPfcDPHLagn26ZKB6pAL76-pPdnmuJLwvA9Z0zyrSaaoUoWSijX1yap1plj-i9SaRK-j6hq2REq1Ut8XZKv0NEG7DIHQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1474527329&Signature=egIapSLRcuJNnQKZmx6Q7f-LUH8ykGn6CvmJ-6rgkBgQKUj71B4ZXyBt4~UGl4rtKxvEFmhEfx9wbk~iBjUF9mzFcccsPaJJztX4k7Yg0fRlqbXUojAZTDQS0owkJ8l0eWYQJRPbHAXJGuYFjr97Q63zlYPekEIMiVzUyzHEGTk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1478351307&Signature=cSh-AgwShDOeVDNQQzPH971SEPEgKYwEpq3F57BPWaF8rQr6vbr8KM5Dw3TBhaymfzmK6pgDQucqnIC16PW7FNd7a93BF34CnovXjxmSksf7V41kXwOgZo3KJPghBoutMvHx6xmOxmWtfXw6zC25bVkdeFmT2~vYj1wd2vWm91g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1429892638&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=HzNqWbTLqUtl37H2Ep8ZBVaorsFbW8irjhnMdcfsQrA8d-L~skHJV3qHBlnE8E9ToHNbnRH7Gq9XQefwXIaNzpkgfXx53K8~HJq5Y6oLIMK9SyNgpRzdVJRueimakQ1yQf9x2kc3HoSK4FfROmy5pgRXDBScZyU6O3onavuKHpQ_&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1463073706&Signature=fUOu0RmRZj3uB7pDt7gBXE4bOBYYma8FQioa9jlpekJbQRoJCtcASsdlHUAQy9PihPu2YIk8~VOllAZxQrX4B~v1WHKBT7Rt3ATWkQN9Fj1UKyL4HZm1cxcWhmofOb2Werda-mDnRGYEosLgtuE7tXaFR-cngZoNnKW57ccajh0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_es&type=PROGRAM&Expires=1461213778&Signature=DrN9itxXdeduWcwci682ZOpsxT6w-FcCv2it1VLY5raoATbXyjtZleRQmo9gL8Da~9nR22W6kDh~O192frI~HwHbhwc6VUBDA1CyPASYD1dF8xFbrv0sTY2MXDi2oTfgIaMXad5Nc4EqHGGZJd1z23gWJANA9g-SwZ4GfM9MT-U_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_es&type=PROGRAM&Expires=1425143531&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=FKkVpllJ4XZulZDCmPSoaiiOd6Q7j~Kmfc2vL7PAdYABpgoFYSQidDEHOqOVdbyH74nm-EaVDz2XL-SKhPalSuL44feh6PDh7no8YfC5kD9GbZzH62wcigctG~-iFiU9n104Q5eyWnM0l2ntH9-nLb1Ug26OtNGcXJmIvkdbNIg_&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1467806099&Signature=HPf~w9l~cSUsQivPs-kC2dZJ2VPBQKaNbAWZ4Vrwv6gza1MZ1Q2lw8NrCAG2LZTlgRN01gPcevgATdYfKs7PR4kLHdvHhGbPttjaGxASeSgiXbdSOqt2o33Rck7ukSctiuYhUroqwtr66rhcSw~Us7geR2cB63LWBXnphzIc4BE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://www.softwaresharetoday.com/c?x=XmNrELeDv256RwJoua7C1HvMc1rs33tR21wxvmJ1rcU=&c=9gH/Jd70ayqABL4OsmwJz3E6pH8dKLI0Z5I1oZwM37Z3s9KiDpRrp6SHO4AMpVyr1uwEysca4IhNceKN1ZK6rwZRpwbGE567Vd0Uid6YkMJeci7GZMfqax5wx8PYpEixsLzG2FoN Ai 6ZcJV8JCHIbuD2odb4/tu6Ad2QqG6Yg=&e=0&fallback_url=https://secure.innodl.com/.../polar-bowler.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1465469700&Signature=OdFypwiio0io3jNl1c2cmOEeEC5Hx~eV5r3ijNXAYcU7duJMvnNjY9kDp~uxrq-wnex9iYk6oew-1Kc1kkWIO~NDeRs~EPwplzOMuFVzIFskZJzuM~Ohis6nN6~scO6biyRYw5N2oJn9Q4pMbEY-MiwNIFnKXIBb6c-wn0~UEqY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1458801717&Signature=HWQwHN9zMPxxoRPfl2vnMtEKreEloacZf-jKTsy~lox53OQRBZtE2q8POPZQEs4BIDyK5Um1r79ebsRIaaaGRwKZw8Z-T05IbZIWmpgka9ak7~pDGsqK0cZuoNcDurYimy4ILlVQJdiRiRPm4KxREvcZnV4cITMlCsyxnYMu8-U_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1456060851&Signature=R7rdpM3nOe1zfdiLvaYTWexFRHrYE-LV5F5nWLhQg5G0uj0LKDoitS2c8hyT77ta84D3NcJAesfn96TtGCjro2y1NLM~hzVnshhytUOKbDFFSGjUaim2732K-NbTX5cm6xaNjarfJ~K6MFh68D0tH0XmtRFqRfhhgs-wJvZOyik_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_es&type=PROGRAM&Expires=1459601994&Signature=GK2mDb0BQWhc~wyWK8mxqN~26My6BDE9GgImca7pW9Ji8H0DasCNgqUvnCRafGypr0SmWm78WoXgH~OQA3fYYaOuytuAJ8bDiVHkU8PiP-C8pw6LjnOTIRApSqw-M8BnO33NenIaP02ouxOvcBtCnIUe9R0RJsJvGPU5AxhaxIE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1459711075&Signature=BRWoV97TY1bVqVwMAWzHQLbWh0dAFXuhcYvX~dYPyaWN8fEVLxJc3HAow3sL46aHAxhQD2hH0zApyN~b3y2~dBzhFKAzRC8Q~aRYTYED5bKUGQHDM7F1Dh1H8J5j39X36NKQTFESu3I-j8pLqjNZh3w~bYZNgvEZHyWprgtAoMg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1459515116&Signature=ZA4m-329fBLDyJ8x8K-e~8KIWCIQkLZLsVZ1K5gnKVCxnEwIPGyN4HQUsAMe9hIeQLTWT~lyrTOaZKgJJlICQOWBLRwc3ZUJ4V7Fwb6YT~cmpI~ObFTAinVJeb8s27dShTO3fXK7kCy7bRkFtPvc41vLJlYnOzFY~-wWbpHUFFw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1459423650&Signature=Ze8Hvx7VvbjAOHWzeq6Ej5lFe5C~L4wCFbYra-IuVgEAfKb88Ntigvx5TlAwTC7HeqAnbY8FqVtFUmSkDjEsE1RP-QMza5J4NveOHbXpDpINuydQLJwTWFaTiHSsbrSNthzRAv2fPoL6eeL3umIX4jlHwacyxMRWnYppUzlxu0o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1459138028&Signature=VFO20lBTaALnLCxpGpPFynTGaXzfXFL-HW7CgbRYAAtQQ8yddh-S4jb0uB3n5qT6MIKApD9njOjUdMpCYfSY86yPe9B0durijODSOum4R8UFMO-cJrZy~ZvHTC8A6pFqBUjzV0u-J1FmjFbbO~w9y2TBIxvfNCDBAwsQMvuA90M_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1458723606&Signature=aYkqTjWrvDG2ldndHk49BO7iMylqNE69aT5D3L8k14nwgeqjNL2OqezlNT0ryzN-Y-V6h8IPeSXLOit3vT8BfZvouj3-uLscbLNgMrmjysSDMxCRQP9oT8vZhKL-mMJ8FzYFsmKRYJggcgVI32DVhQ~9cXENqVvy5P5p3nQTjIc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_en&type=PROGRAM&Expires=1456684011&Signature=NXfwMs5Ob2ILtKQ7BD8YmX6T~EsAFW8g5mKsKQ3vil3Hy5LCRtSerSiuofJzzOFKT5wDaU2YDByFrZufHzvFgX8kr3mFv4drHYLnNw6q2V-6CU8cBJr1RqKwpVQWRKEXYlKF-aDU3zOFNoBGauv5x05XooFjix5ReC4lOOr-plI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

http://gsf-cf.softonic.com/580/ec4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45593&instance=softonic_es&type=PROGRAM&Expires=1455480860&Signature=KpZpHPh1pWjYBwnbTy7WSa~rEOUcGkpmHhI6M2hDEejMV5HwQPcTaooa4b5T0aiPKsFytRzAaCOeZ3f60WoDgycWWpQ1LGIIPa8HUyroI2PJ7ZsZL6QwQaCh5bzX2PFofV5ZucFQAGZtdFx4UmNXqaFh~UEGhGUJlxYW-VxPFEE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=polarbowler-drm3.exe

Latest 30 of 35 download URLs

Scan polarbowler-drm3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.