» printscreen46_setup.exe
Overview
Analysis
File Details
Programs (1)
Downloads (26)

printscreen46_setup.exe

This is a setup and installation application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

MD5:

c72830ec938f25f8a615538adbfee433

SHA-1:

5ef24e769c92d0c1731c034e03f78be381f34a23

SHA-256:

6cd7b2f19744a2a111d7abc610200efa389b338f251d5bb3d089e120e96d2196

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 12:58:57 PM UTC (today)

File size:

2.8 MB (2,885,296 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\printscreen46_setup.exe

File PE Metadata

Compilation timestamp:

12/5/2003 6:53:13 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

49152:q3F0qeC+neLQ1kJPmXWY0kwgtacgZu7UdKMJxkIJ9FRbIF2H/lLMR:qeq7kgmmYLwEgU4RJLRbI4HdLMR

Entry address:

0x32C0

Entry point:

83, EC, 0C, 53, 55, 56, 57, FF, 15, B4, 70, 40, 00, 8B, 35, A8, 90, 40, 00, 05, E8, 03, 00, 00, 89, 44, 24, 14, B3, 20, FF, 15, 2C, 70, 40, 00, 68, 40, 8C, 79, 00, BF, 00, 04, 00, 00, 57, FF, 15, D4, 70, 40, 00, 57, FF, 15, D0, 70, 40, 00, 50, FF, 35, A8, 90, 40, 00, FF, 15, CC, 70, 40, 00, 80, 3E, 22, 75, 04, 80, C3, 02, 46, 8B, 2D, 1C, 72, 40, 00, EB, 09, 3A, C3, 74, 0B, 56, FF, D5, 8B, F0, 8A, 06, 84, C0, 75, F1, 56, FF, D5, 8B, D8, 89, 5C, 24, 18, EB, 05, 53, FF, D5, 8B, D8, 80, 3B, 20, 74, F6, 80, 3B... 
[+]

Entropy:

7.9931 (probably packed)

Code size:

23.5 KB (24,064 bytes)

The file printscreen46_setup.exe has been discovered within the following program.

Gadwin PrintScreen by Gadwin Systems, Inc.

Publisher's description - “There are several hotkey combos to choose from (PrintScreen is the default).”

www.gadwin.com/printscreen/index.htm

About 7% of users remove it

The file printscreen46_setup.exe has been seen being distributed by the following 26 URLs.

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1435039417&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=hwdRQM1P0aKFW6p8rfaNXs--TjiLUpq47wv28n~G5D-7cS1BRpgEfLRdLhC5Ym4u742CA7EleQ4xyNBAS6Oisc~u3bZYTIMzSwzcFCYFzbAxiCWT1hgIBzJiBHUW0~mgNQmgLBxE7Cdwpt~aREgLPzNPKpSQdX6lv2pPLWCvj-k_&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1476666471&Signature=bpmwdgOMuRlIFrag8Okppp6j3xzM23dSeYlYfG13c8~D20wmnvikk4-0BElzXZGNXfJkF88OcJVDEf288A8NrV3exvMUXfE9rfdGRKrzUp-~M3r0FWU9Nx4BMBLoZw3xbTu4z9I43fxbtt9OgU5D-HvxnhVyj9vz2K7fcw8ziJs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1439884545&Signature=HimJpslHteXgNxb6eZ2BG1DoIk78dvIXMINLjzirlqaOSxdIVeDw9IdI5uymDJMUiryfZJ0ERug8F7JDefVTrutB5-NBmWfQqO~ytRQOjzd5UxGdU4kdhEWelfFMsa1TKDuW5UW5V3q5v99A9v0pl~bMnT7NXjK4RrlKOhg21is_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1476127388&Signature=J72SuohjBHM5biLmn6XNLUJJ5HWtBiSGVtZwmFTyFsf-Xi6JPCXRQU5f~SCGYKxrPG3QVCMY98QfkN~5~1JlfnVSVH~h8oXbvRZTQTIbNYJwtkZ84iKGsz8lqkIvBAdRkC8upKYrA6mS8vTmq~dUnsfMnS2etB26wbfSGDW-Ptk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1480820448&Signature=GGnlrAuIFkDdBWcZXosbIMTaLo2GG9mktd3lv1jwi6q5HB2P5OEbhG9pVtD1XtpJUkcDgGWWr5dJ~cCXSqO~7TjMhqjrypd9r0QRNXoKx2ZWD6I~Bo~Ded6yvMkMne48LHMWcaXY5lL7TybLhTzyLmJ4i4Mtw3DanJiskdink1c_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1475808837&Signature=VzzfrPUDMB3~LjKrgldrGagFqbDnO2PXBrgZZPzPyLrLIxErI0XAtyHn8Yn~B70uX7cEYX1TlrdeJ66tTleCGlkKzBdT3Km4MyL0flhbLyOsPNbqleUtbwulvtw2De7~J8egiqfetxFYChRCv3RCchvvjequ-aTQqjWCYip~rmE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1431329038&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=LEbvPZoZ99br~0Qs4rq~qpZS3B5WS6YiqCae6GQJUBjBcx83iwRsDwXaCbVaLDelg4hcK40Q4uLLawcxCPZJ-rCCkZUe-7jDqB1pqgbzdd6LQ8LfjbiJlMLh11aDRPJqqTtelYRTJgrMZm-1xzTb7ZOWT~DsXpYnyo3WhNUnAuk_&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1468098368&Signature=PL2ZUDglhv6qQRoWkwv-IBTEM76yMfH3adwsZwRUXcsH9TDQCQUS~QPYqb6p7RZyiBFkqmhbPzo95rhZI8w14G10AJjLRV-lgnMKjCiClQcQ4-oWBBQHD-L0F5Rl5FYne-aJ4Bh2TTvqMpB5rebvEspbCchBtu1BtbVhr-QwZXE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1435535139&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=SVJotL0okSBS4WtI1sZS0EYpES6O9lIcE1wiU4bgHzWJTObz6O1V~cSpAxG06sdSDgSX4s5m3Y3snQm3mb-njJTmaPjLpzaRlQdGK-AwecaMC0g1apPq0DfgUKJDLLhfowL0MxIz0gA2Wj-26rSdImBkV~6WD2IJyAF2SazmzWI_&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1476427654&Signature=J4gbOUen32tEFhLj3T~5OiVnTZZgXq54tnUGJnxeIQ3XNLNUvzjY1cngUre61Bl0ys4R~VKL~KpLBwvHhk~voqbVqKDkNUzGzhIu7yDsmJqlgOT1OlVeqTdwz7oXcN1Bn3r0YKvRSH46bMJp~OjDcUXBhRjJ7dAqH~G9GCeoIAY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1460627282&Signature=H1fBxVsRt3nzde2Rc-zt--dfh1kKrWumt~Dygm6CbMpQ3fM3OdQPRSCB5AZzrGfT1XGiQ1VPNffRhrnmNTb81c56xjkeV9lCFW6l0PoPzHqk0hV0XkpvQL3MJvJqhV~L4t2eqWwI7eJ6CbBx1Jq393Fev5YxJDrFEzle4GrwoBE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1473910365&Signature=HiUdhm~Hh5Lfy9UEt~ON~wPRBRf~dkI0RsHWALr0OHXWqyPgTcbYYcIadFjFTxCCSN-lxWei1qZpEde9AaQhnzjHsYSCs8ZT~xBlzHost9RI2EBxQJCMGyMfhTtq4mZk6iBrUn~VzWoSe6pzIguU0BDTzf0kzfLXjV9yP1lQTTE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1458187201&Signature=HQbOQ8hkyL5d-05ZS91OvGPIVv7LvOxOG76Clwy~rNAerJxSo8U2HC5YQr12gfCiICR-a~gtF4uKs9IddUjX6CNSkiQaAUwUv0NodvnsZ9wF3csPP4~f3iVdMH7BllVKXK0Bc0NPDKcgbiF~s~oMJr0fiN-10aMNVwmVn97PA3s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1468272848&Signature=Su-1~TcONTAGvnUZY9ThxH1Yy0ouiN8m2h-OjtJcf4A4joPAoHGwfc7cSxBpmbEIHKGfgM~U1LlUcwKsFi4A8k2TgUm1hcCUEf3sTUEbdERFbNglOWL8Ea98ujPgrCwO0R3v4JmYh5sqepOcMOMCUQZW0NkQ-pFN7vk9BkT2GB0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1450189159&Signature=U04B2ie8cvaZDoSWBMjZdjTy3M0OXM04h0-7AzqaXl5-3N5MWDBXPbkomfBKtKBpCqIluwyOEbIaJyb~jthojch4LQoGQNQFzjUpk7veeaFXmUK3Z~u~ltX-rlhGjyCkP3EFF4dI~blSfkZm7F6rT0KNH0dpypSYYUuXLoRRjSo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1457934988&Signature=N0SjwG4oBL8nqfV3rEW6n6Y2BFRHMRf2cN4o84SDFxHXpyjSvyiVCJkzmvcWbzmppknLAGB6CN8N9OPN8Kg76fxrkmlUJMG28YY8dgbjV-iLU1Y4381MjZoCIULYT1t39yo-1Ylp8mxjrALZB9GDv564DnIukBa7Kdh6Nvdvphw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1463640212&Signature=AjaJ0-nvova8K3~wrpyq4s5E4ev9IukgSaiUEfUhWTAr58DaTtcCJSYJc5rRGaX8Ut14pahzBMRKqdVM38kng46g1piJE7WcnWCNn1iAk1fG3u56qobBTXjtwlzu2-paDKZxKGzrGu3yaTmNJrDh0DdUwMwHIM95att-bb9XQAE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1460224170&Signature=U3FrT2ap7CQZbzhHdvyrvvlUlnR9eL--qCPlipg4mQkQmhVp5XuJSrNL1J~YxEBFp~qSEDuy2S620XkoeuYp7ZOVLwIOe3GJhyb2nJVKlcTxAbGh4o60r7l5FGD04EWiY5XC2bAZ3MsWmcV~v5Eg7Dy5pWndOykOQCnotXaKv1E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1447075834&Signature=IwC2mc5Ve-ZLB50Xs7eQa2IGSwrkB6kdjV1NGAr0dkUhCvqtBOf4JR4xORPA6Qij0dKuwQd0Uekh4FQrDxeTmeZcVuHX0V47uZ1yCSh~dLBeCxGYWbM6NzK4x~P1Z-T0-IWXvsYKpNPfHTHu5RbEzmc7EejM28J~6z9lsD5domI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://s10448.chomikuj.pl/File.aspx?e=j6Ux-NnIOzxIWootc_ywNwR0Ouw8fZNSuQZ4PVjwLTx2BPAPiNeeolRmnDuqPhWitP8IbqZ7ufJ95lev_HN994vc31n30clWVD4xm4NKYeD59CqIsa9KgXR_Faphyeq20jRgQR7FhikOM-sVbVJ9z6qbvVmvc4XG1Yj_Mq4kPrc&pv=2

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1455355680&Signature=he~E1YHlBLjqyma2VzG41XGS2opM3BrfML-BiRbeHT4kUehLVdyKi0McgnsqKg4PaWIGN3a2cTC7kgiTyuwxkrC6WTZIpYsaLt13ISL~Qp6U-VwonXlYD1NusfuCwNjUm8Nf5A9t~6ZAhuXCEAvVJUySaHUi~uK0-a-AfE7E8Mc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1449035928&Signature=C~Dji4n4QO7XkEsMFRR-QOo6hPVJdB1rLhT5tR5woS86QL5vOXeMgix-LTtQLgKd5JKQZ1MjHpKL5ehQlma8ozU~7X~Lwhk16FqlNp4~Ki6elVmb~Ff484pTm6p6vawrp0ur9oO7sBnVy5g-5G6RhIRFk5KhnNsEN7zW8WsLuF4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1445178747&Signature=cbqUqEvv4vwGRo2dpYV1InoKhGNS0pM5K9rca6rw9V7wV4VjTr7hijGtA7mvD5a8Gv1JykfLSZ2BdFJ3OG8IlJbqv3McWbSXDjsQI6mR7P9sZg~CnPtA42vZerml6tJOItfw67-Y2u1wTHUs3msCTApwrpX6NX3C8Wpwe6EwwdU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://gsf-cf.softonic.com/5ef/24e/.../file?SD_used=0&channel=WEB&fdh=no&id_file=21478&instance=softonic_es&type=PROGRAM&Expires=1452115543&Signature=fl6y~DgRkzEHZ7hpEWxQwXyPJhDddwXe878UNdLgm5CsIKfTWJAAWvyPIJ1K45va8QHX9j9Jm5e8jMbLCvjlE800Ear-lOlSsu9WpOAEAEpGieZC1lbeF8~16tEGuNmqmlMViPe3NF3knJTmkHiYggvrTPtLhdrZnfdTRQP0q-U_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PrintScreen46_Setup.exe

http://global-shared-files-lw.softonic.com/5ef/24e/.../PrintScreen46_Setup.exe

http://www.gadwin.com/.../PrintScreen46_Setup.exe

Scan printscreen46_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.