» removelogonow.exe
Overview
Analysis
File Details
Downloads (21)

removelogonow.exe

Remove Logo Now!

SoftOrbits

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.

File name:

removelogonow.exe

Publisher:

SoftOrbits (signed by SoftOrbits)

Product:

Remove Logo Now!

Description:

Remove Logo Now! Setup

MD5:

fe616236ff0324326bf045d04d80a0d7

SHA-1:

f2f89cfc5470cdc2da250479e99650576feb4fc3

SHA-256:

8d1d4cb3667a3d31b86088a8f3882c5372c394f80afa377580f1d2e50077465f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/24/2024 10:12:03 PM UTC (today)

File size:

6.7 MB (7,015,128 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\removelogonow.exe

Digital Signature

Signed by:

SoftOrbits

Authority:

VeriSign, Inc.

Valid from:

2/23/2014 7:00:00 PM

Valid to:

4/25/2015 7:59:59 PM

Subject:

CN=SoftOrbits, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SoftOrbits, L=Smolensk, S=Smolenskaya, C=RU

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4BA19F90FC0D6DECFB52C0CD053E7B6F

File PE Metadata

Compilation timestamp:

4/10/2010 12:57:59 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:9I3YcVrZF+qWCo9qhoZNsFiZU0bpNM0eE4ZG0JR/jFUCcP5mOYL+R3nI:9+YcvsdCMqhIGCFfM0ec6jVomx0I

Entry address:

0x163C4

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, B0, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, B0, D6, 41, 00, B2, 01... 
[+]

Entropy:

7.9959

Developed / compiled with:

Microsoft Visual C++

Code size:

85 KB (87,040 bytes)

The file removelogonow.exe has been seen being distributed by the following 21 URLs.

http://dw.uptodown.com/dwn/WYNTCNU3Ec7jiPxssDQALCzwabhUJLravspiUa84jH4fH_RSlnSiHwwMllBlgfhX8YQtIdSkJ7IK6GitCOilg7m6VsQx3191yuMjjQAwT8CR5vJk17EVU931jXbwJ-Cp/L2Y05AMoSVXlsuR7nImSuxYI-Tvstrrr6PU2tyxZk5IyYAvj3qmusDLD08PBuXFt1fkmxYMriI119KVRq75c1Y5gqcgSFWeAFhgRrLGYoD10xCrrXGc_Y6qbq9tT5Rjl/XNDx0HX-NLI3SSyLTIW_8ZqLLSuEWZHJiKV-WZc4LgUBErd-xC1ooebqjo9jGz7lLtrhdmBZp21TWqHN_3kOnk0NdI_WHDjwppuwIbp8ki_mZdaAGXFmX0JfTtRJxV6Z/.../

https://dw.uptodown.com/dwn/ETD9GdacubexV1jt0laExGIF1k33DVraeIDLjjnbMatMB6rrHY3hyJcx-9dtzvNF_SYmscrdKW0zFD029GugDzqcSvkAbKcSIhjQcz60h7SVNYHFT2T_lrDoEDpgM8sC/FSJNnNXuNPPFx08PjyEzJ1HLzX-9YwVV1peUMm0-cQ7i0ndSADFkGqIZMevycZMt9dG95Xvc7SxoDviabO2QnMKRHsNBGoL_DvAEMcaJMCk6O6YoZ9_6FinjjgHfso2I/DxoA1de_PlomJ6_68elxPFtXsP3pFsLfx60gafkjqDMXjy-K-Cs6O9J2duiV2eFxlWbS88f3GXiogDiDa2oQZOvwReCbU0cMvvbR_NIOTaeK-44qpQanQ5elOMs3URYR/.../

http://dw.uptodown.com/dwn/m8kptRoL5xIo0j4tfpLEqpu4B6drPRRG9K0vF2rZMYjonq82EZ_nDUFMSeROKDxDl0pLEnDdo2mstKytKz2ab1JkJwnJTBFDSB78TR_TDTOQUaOtXeLE5WOJqE0tqWMt/Y5sGVDprGEZ7FNlQAXyY0r3Eb5_yXTWBJRPX_n-C208e1HgB4tyQENaaFFKEpRJ1KcRH5FOCoqlvuOwfGoN5lApDLirRKBseQEmWEQCQZTv6d4xarxVNNl7PKip16s2d/0UKOXg4jpL7nIQd_1eWRuna10s6aSL4wsoBu5wDYgzSqqQFhb1uFQcUCg54snJxpL8OhZONnFbN4xbPT2JNVcOMELECcfY6VskjMKMqixqxQO1LnXPHgdGlxYmZUA7Wl/.../

http://dw.uptodown.com/dwn/b3CMvLa49bOy9wXDINv84nCQDpdO-xDdRjv0FTuLbeuQzv2EZVhThSCxbuVRBniQh-9zyXaowHyA1StbzyNdPoOiRTJrlEOU5NOciKG1bR3XCHpotmwBt-NlB_JY5ST2/TYwf81CW_I5t-jwJo2cZC06FdrFqIKivVquyrTV_3HWvbbhhngHHQYxfXcuI6pZkRfOMwJcLa8y8Xlu0DH1g7GI_kb3O_2Veol4jbKj5YeQUbwuKGhni2jcC4fUekb07/7tHFnHBLM9lBd1AvcEk8v5UlcjxQFRkVHfCL-RvpW5nYB61nk-eQ3LvQnp6_uSnJIs8NOYvISKzK7g8xiDAQYKmm4nZutONnsvAqEVa25ALlDue8cgafzrBQ_S46c-Ma/.../

https://dw.uptodown.com/dwn/WJFzFUoPWcI713AfHTBhK14NpGGlGwJuTjqvgGRblKqcidtxgswHWWz0OrFL70-ntJeV6pGjMewNHhjWwY_bmnhwih-tCGbt4wNV-AwsmKT1WGMzNqJapFsfCc88-wH8/aun9wMfuu-kVIEPJTedKf11l2Y319fZxs8VtjGdKpHRmsmJcSJ0Sg2oHDX3QFGP0JuNFCvDegfVCiug2VMZ4iXFCgpaLPbZtOAdwZqifooZHKR8sN1rGEDCmQedxwQgN/_xCZCi_6fiO3qi892cl7nmq4A7wRBvYpUa1cKlysiG7L67W_hhkWm-kOHbBnfog2UnvbMu7L8ambgSWg6eCs9QJqXbF8saohpecrI4n1BmGzNKmDOkXbvaxcSOgvYwYp/.../

http://dw.uptodown.com/dwn/zzscIjE1ZoKbLObD-zoIk9MxH18nJdegNcA-RkyyNrYwr03xg7si46dxT2HJub6-fXdmFoq14-IqxR0TX8U4WslmdPr-g4ec3JpjnoDRm7pWdyRLQKdd8xD7cK_IDq9b/9r3HfG6pahNdfVpL_t8R1SGsuSTjr5egrzDbWqWBUVnX5eLd5Vy1re0DVumHqjie2BZMaT7lUwE8SadLPdlp_uEvewydMKlGYHOJG0poHT4eRZ6YCipvOKIajNuiNbIX/mRzibYTy_6HWG3oAwEI7R9KQE0cfsCKqfQdTA3Haf0nD1O3okvC2HGVOrLEzQl7UtYmH-9OqAYOVC8BVaeSJOsSLGDvDA_D6X-NZ00xsRnSSdtgXsNdFyFlNYhnlRrqe/.../

https://dw.uptodown.com/dwn/JqyKyKDpituUYcNHWiIob1WcqgF_S6M3Z9YD-NN5m6_FrPLmFUArt9hsnE__7Rg5JtFEhoh31X-1LsI-Na3oeKnYCSltko1UUJKWFBqiF-K5m0Z1aiSlkgL4UxOxGYWW/CP56nbu5QRRCDguKKWCtUJw_lGEyS_VOmCRqTtnKKRTsLGgt5pF5RI4PmuKIL25kqGTydTrcfL5sEZKjOoPcICg5ALmp1k2BpWp9VEXHbPP6jVRTWr7T0PROTV3CZhoQ/LZBLbawa9fAQewnCFgHbTioPpwllDgIl-QVKCuJZhOLatMJb_13pD2k_jKcO7UA1K_a6RAI8Y0Xn-kAvcYYowSFT7vHBHTwAjapkMAEqjl1wse8-u0mF7edjOtoooQ1H/.../

https://dw.uptodown.com/dwn/8ZUQ6U0Pc138saZGHydqszpoV6l13PzNMC2htbDiVSvemXG4cEFlLvwM6EKbu0Wrh4NdkM7qRntEDtEU8B9XhbXtCaYWzxysqwsgVwm84lnALAyEYCEwX6dPhkTHVgCv/3rsfEjBRECNrpLIbkKaeSkkxlhsvbjEmQMZERfSstmC2pwEch6maOrJ4iKylGBKf-P5O1SPOgMSIv8M96SFYAPXqdaqjXXEiqxYdOJwDU3BTTEI3jFU2AuEkYRULyne_/ctB_bfMyDyAejxWlUi1-m31cB9j0ZaiJRn8jW6F3hCaTvrJrCwVrEQ_m56b7yqWi1UaaMSkmGYUhplE4ZRkt6uW2aMOyqWmcWB5-XCXoB2e4i18uGb05pRdp80i_xks1/.../

https://dw.uptodown.com/dwn/n9dnaPEnTZVoLuPoCW9E9YWaggZZKjkgK8AP4K08qqjnTqwhKQODTJUA_xuXPUwRxkofKejetG7xRw-cNN7Jel13hyFzcDuYDyGrTmuQbJXefnKAojfs0fuhOKaALmxE/N4uuSZ91PoaCxfY-vzXtM97BZLrIc6VnoDrC8W6120f6sZrBoBHZvoXc6vENBIig5OvQ3HXZblkUUGN7O_g1T7m_ZivhZKi5pkMEXBKymkIwQYkLzOzSWyjuJHSgk3bm/HgwPpBQ7pn9cGOjPwkRfGHrSNaZ58jjHN5Fh4gxWNFWnS2Sdux3e6BUdYcSlcxmNBuA1vzlmqb_wpjjgI75an6lUuUlB5WKKe_tgPhaRYkjDe6SQ3cNHatJJJX7eGZfZ/.../

http://www.softorbits.com/.../download.php?file=RemoveLogoNow.exe

https://dw.uptodown.com/dwn/4JXKRoknT5rPHR76_JZyDjiKvqSFVLDekuN-JJQTEULvftEA6w9ABxW2L12bddJnIlbubypl-mD_QaO-_WB0EY9voaQ2Mq4vyVieKNjrTQQG8Nf_v4wTIxPZfvkPWSfo/8A8gqt3SyLLOCYTSB-iLt2iV1FBbLuwy_wQj1Ps_DpmafX_yLNX9jqUuFhOsqNALcOinHTc0td6aC-fnh0Un0t2UcW-cCnm3tOzQqW6moz3zKs7_BrxIH3DspX5nT91y/_BZzPYzzsY8-QCXCRy5zMU3QMQpKoXx5fKAStmGcbBH0We-nV2LvT98VuTHXp7hifBze_VrzeleXMCYLEDsGJIrnjn_7iZ5kwWhMySJwyE02jFD0MKEYwv3ECQbHiW2a/.../

http://85.25.41.239/.../RemoveLogoNow.exe

https://dw.uptodown.com/dwn/YUSfdAWJlO38_6-ma1UIU4WQz2Ba6rqLsP9aPzXGqRgN0ZlmSubfi5y_-_-e7sKBRi7wlBhea8W5tjoYDP7Vij1mQVixSjcvohPZRitPsYyy6Rtfdv2FH5a4Rnp0KwaL/BunKsA6eHWoaL1i6PfcrjoLWJyDPOzZsBv7XoW-SdRjjHfb_F9Sb3cA50CfNknwyBiKQa3m3yVUTr3x5SfAlPlnGPzjOTfKGYaR8KPRjoljYWrMgZW71hrgmHwJ-lAYK/QiI76EZcvbPo91r2wUdrIOX8RJF9Bl1cOsImw9VycyoFrhFaq0nFMYtqpmpStMIQA6bANJvbmgoajFwASXQJdOd3mN2KZlVVQm7jipb1xuRMeN92UsH6q1CMm7K9DWO2/.../

https://dw.uptodown.com/dwn/0NJWViN0jm6pdG7cvyrzZXgxIpkhO6EINXrVEewgSUoEUMVwx9M1mSdWt2vL8ieofmKEakMwFcZKrrb5Ho9WNAZViBqENre-YHULjrOp6MorlQE4e5N78iJVB9U1Q4m1/wPn2OEvXD1B4reSleTYkSVtwBwdRD3EmTpR3ELGDRD99_DXpo7ZYegmisldQORr2tXSukxTyhJcZkrgFvsm3NDDc6wdGwxxvyAD1YEQIMrdS5-HleBhx8B4jxOZhDeAj/uAMyWpirdRhEb_jRO0h5AbHzNaW0DHGGbARrISWSMQpyAt4VgcPxq10BfklxDNcBCkaXswt1bEX8s9nEWuPLsIu5lvyNTiPxOnMYk_P-K1FMrpFN9_FBZyXBvqDoqAjI/.../

http://dw.uptodown.com/dwn/Yc_0E22YElMaqHpXZgUQP4kMFfyB1mCXsJxgYok4Tf7VpwDMZ6U5J3coYXmejuKBDOWytboRRCX6OMqnKZLah9ga7_bhBsPRqDUwZgnfnMZ5LzOtAOJaz6uW6ZZ_9j1z/1cOjngsGpG4AihgrUivWhtB1N43IU8sKBb5RcHMnQei3-ZRnZGWTl03qz9QFeYeEYFXQ3Q0nzINwfOq6R8Tl4oEsM2QceTertsNopW_OU18HTGlNq5Ty2hOxhhzAkish/P0Zm4K3rTC72KZI7Y90Y2IOLEGnYALwSWJT6g9yQFYlT7z4XKQAMglFpQV9YSafLQCcCtxXj51bdq60kT8EvNfleLpvj7GQsSrGQBfZMP3p4IbuE8gMc2f83P-GDi1Y2/.../

http://dw.uptodown.com/dwn/fMyEtLjJ2ySa1kjnwn2JSgBXqNuctO5Uw5I5Y9e9QLW1or0VkF8Oqp4Lg1Psrs8ET4txysVIEuInetAcfDTDrb5dJquemsv7tlrK6UAe0pS_k1085CBdGR2mQ65xMVjV/x4Crt6lilvK4_VM8WeJ9fezePJVRxiyUwq9BBeSBJ2O0AffqUOA01KavoTb_tLReQoBwYpaezOhjnf6URu3YYxAulp12yLAgCEFTNVHq3XHfFVkEUSn7hMTPLqJJOcJD/owoqc-JcKDrEpvcVIYwBl_5v4TCtncTND0W-xjps1XuNzXaGcW5yw1upp0iQDC1LjZgzE-hCjauvl1ZPjLgcA24kK4JPaqQa8Os54JbQB_OOdF3QV-4ZPSFWzW4KZ7gO/.../

http://dw.uptodown.com/dwn/rBpSv0Xg3NnrI5ykrMwNTc6eIJSrF3hw02MqlSapFTpxjpD25dH_GYThGz57KK87Jy6AiWWCoIXtJNImP355agXYxZBTjwXKRJ2ekLKEp-7Pr7_JEYYxP0GiZkfWaheY/sTfo4uVTisk3xUUbnl4pZQq09lO2NeDGjpN5buwIt8CFWs_w0Ddb5PPs6JSCHw_DuF6-OyrcvMcohZSeDo6sN0Bn6xQXQAjV6W4qXj4QcInkSL11tkZ41PexPcop-RxH/TEZeyXtfBN915MyFD3Ie9l8hPU-HfLUpiAPK5Wp2ZZGwdBWFJcu9aXAKH3HMguLiKIuFeyQ9kTnqNYQSbH98-PnR5JVc_VJ8bLU1vgLf_tIyxP0jQfnksLen3P0Wh815/.../

http://dw.uptodown.com/dwn/xJZlAjjLSbBd55AfJvY8z16ngAERrQH8oa1ig_kdJ9F-HGfddT3hX9Q4uhIKcSkSgPOikNHJFrd1pJq_bXkyFFFsgCZnYzPuFyuwee3TFY2pDnVFiybUHBArzppnLPWy/8sRXuYNszl4brnYq3CpRt8phaI5Ypsp9O6cAFa31nTnh_CAXYBSzsAcas_h-bAa8hblOZOEQddw0_ZQ1_SQO1g_1Ohz4GDzMT3-TJpZcysu3NA87m3i7u-wXhUDNM4B-/ju89o-hQ2d5ZMhCFqznQGDCMP9sZ4v7_Q55VZbdqLS_z0RMBPqsVb_4YW6KNo2SnqelLEJIHU-JhEmzivzVTh7_bLXbIlQ--X6Cbr-W6Yl-9CvaG56kkOv3HTqCoNV6G/.../

http://188.138.71.121/.../RemoveLogoNow.exe

http://dw.uptodown.com/dl/1433021939/.../remove-logo-from-video-1-6-multi-win.exe

http://download.softorbits.com/.../RemoveLogoNow.exe

Scan removelogonow.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.