home

scratchinstaller1.3.1.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
afeb7cfb660bd65c8aae15cf630c6811

SHA-1:
a5076fffbe596f3b10be6ac592feee080db2a729

SHA-256:
5743136ebd1ae78151312ddda8edf3d0843ec6d8999828168c6e49e26672529c

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/25/2024 8:51:55 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
23.00.65.14321

File size:
31 MB (32,525,890 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\scratchinstaller1.3.1.exe

File PE Metadata
Compilation timestamp:
10/10/2008 5:49:01 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
786432:b/WHF0FAp8/RcV9L+ic3SKF2Ukg54kGWp2wKs+Vp:zJAoCPL7ciJNkLK

Entry address:
0x30E3

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 58, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, 23, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 90, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 4C, 91, 40, 00, 68, 60, E3, 42, 00, E8, DA, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, C8, 27, 00, 00...
 
[+]

Entropy:
7.9992

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file scratchinstaller1.3.1.exe has been seen being distributed by the following 21 URLs.

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1479629232&Signature=ZTg-w8EYbSio3bnsPyruxGW3z9tbCFXPXnS87XF52NCGJNpQCgSqChRDQJv6pNIo3COchQwo6VjG8TcCW7EBAwOLPieU14YXejd-4Fd2NUPrriKawh59pCU8iJnfHIwBpOD3s8bwm0Pzvryi4UmcLgmGPN-y9ZeogwAaOs6ofUA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1475583715&Signature=RY0mMwIFEiT2j8ny0FYhmMe2GzivlL2mwIP7KcMcZT07GtVNWPZeYOW8gZ0AFAZ9SxBXqsN4HgX3EzftZ83bC2JoLxOU4BiweP2paHnV0iKVVgYlrxKNnekMGoSi-Yiz~Zdaa4e4bgtZ0aAg7ASG2~dboNJerYp3hHoOWxjc0rA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1463731351&Signature=VPEzYkhscm8eg31HdeKqyG33XdZpCPxKL7vCJ3dab4sagEN9VZ1lhmBaG9u-tul9WZXrcXwz2vd2SFAzJ-PHei2c3HBQ7IVQiy-xNFe8ZWWrjxBcdydmcmQIRcihi9DLuBF2GEJkKn4YAntBpdASLDbMXOtLYrxfHp2mgsqzokA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://up.g36.ir/download/.../Scratch-g36.ir.exe

http://scratch.software.informer.com/.../

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1475653791&Signature=HCGSDJkLbij4fn3XkTg9UMXIHFYjVjko~a3BOPfWcetRYsHjFtmT1teuWGe~8Q1OVHtdPNIFdxskHc7-L~gx0e3TQO4auLzURid-1AcWRJx39OYseLEzASN9~vXHWXptbsJSnSKi5AMjuhOk-v1hEss5mBDUfTn33YkjYk~B5MM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1472601486&Signature=L2lnIgYcwwebXb6d-UlcHZAJBztgWXczLAt3TiLI~nCBcQKG9rNmGWTBtphX56EDrxanyAp5BxLgEeD5B4YKyPDhuQVeAUHZ16xhflzXf1Omi4ElbNFs9eq6U2~lWjFOa1sJvPJCQulPzg42~sVt5y7SrVbzV~E896u57PZfnQk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1466409007&Signature=StCSQLZ3pDVlzMNaK5CEZWus3Z5rkR8RdA8uggz8ZEfsAOdJS-UtgMGKXn2DckvcHN3NNvqSuck-oPYdGt6CKoC3J9X-aZewzOg3SkMT8NUM6h1xjZWT2CLBepAXe4k2LPVj4lg3jMypGPktj7LITCmdrtkQ9yeG8IhRSgH6cDU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://download.informer.com/.../scratchinstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1463465887&Signature=BO3umNGImqotz4zPuixS4s~A6-5NkFdTyrp2rcQvmZ-v7ew5UAMvCNt8LXNBHkCUFR0Veoe~Qf0-4voKOzbdkXy4Md2hRyMIB6P2BMJTbvWBndl3tvKMycyHdDDkeQXN0Fapx3II7qr4khd4FQrcOHScZbC-N2IaHxKT5bptFAU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1476428220&Signature=CRSsLtDThJM7pNGSOMJG3edAqpyK7A4ugHjDrPHwbdxGnlrujxvwYlbHFdj2hdysyvd1628EcdnBms~7DrsBuWAHgWZaHugt3qrD9b-WJuQyuvvPqzfWafbiSV1yoWx4~C6OjRX5zRiVKiZ7MKX4GZ8mZ90qDT2BqLmAUODm0AY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1477023291&Signature=M9R4KxCxSAAhhZ7~Mtxs0XPts-C0EKVAZu~W3uXcnPSvA-tYwdUgw5AbrNtzZgt0qWZfTuTXvBfwIeyrBzWARVB8LC5wHJSnkP2SnLfueS~v6XFKJGtGekvPjts1Ecyj1PEA4gHRt1t5l3RRyd94eFqSUqKYe9eOG8XJDf2WljM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1476684632&Signature=YpJ02GpcNlwatT~07miuBtXwIJtk-dSEy2cdj0xN9l6vgY6-lR9Bac35C9jhgWaZGLtrqk~KjkqRuiXUIWmi-yHjJBlu~Tw0fyEEUqAi3tvg6nvfr3-AK0GRlHd7SyK1MHj0eL6cFoz84qEGdJmmplY7FdW5oRdEEW8F-SQZLq8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1449221284&Signature=eY7pQHEMGGpJmT9T9000mfugQHRh87U065W6RIWsCfeCz2guaRVwRk0tZMPpaDCko3v01-x3-FCEyncojaKdGxXSaFzxvTHhfo2hnf4m05sIa1Nbx6dwXGGUjvOmshZFxoaBEvEM3R--Q7227-7ZzA8Lulqpp2sL5WwHpd-4VGk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1426979822&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=aiCpGy2MDWN2wHm8BT7nQiEO864CWEwrWudXA~~1pH203GhAVfSmczLRSmoP3WUzmdyggV~g424WEoXPwYRpYmaCl615GMflMk1SIbvqh9Rmfn8kn5kE7eXxpZiayaJmNE3DqquPVPu9oZrhQ8gzAWMtOVAsk~BHqjDF3735RkM_&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1444160696&Signature=TJpk4JhwjBKtKziZYjZNh~X-VWibhF2GubKkwolgenZ7PbLlT837nf2SI~5eEj98YvRStSAxakH5PiCR~ILT2A3HumQLONk9mwTUy1SbF7Wf14L7ZXzhPPtCKYS0Q-uRHfp5BteCEwvINH30t8vSVkNxnP6LGXnTxdyv37Dks7E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://scratch.softonic.com.br/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOGMtfd GVMLvQsHqQHA2XCZXoJmcm4DvJOIFcT5yn6Sect//gAs1ueIF2GxQZxHpijvs27xROoJPBhfkDeEbohKG72ciBaKr5WYOwclrtib6LZ9tlhGbG1qQuuWEP789M=

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1455850524&Signature=AM3LshABnfZ7HmMACLvQtGTatWYMF0QRfr3w-l26vIQsNSNyIcMTPRMSSgiIm-TOfGgwP~GdnH63dfSHEQZ33tv-g10XbGZLZPjrtI0jtaC1vjftcRODQfPb0DOYH7tfi~XY-9ppp-ofCrLXWV~9lWjzZHHWTxPsYkhbhsCF-vQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1448790299&Signature=a13cJdJc0svPplXz~juu4JSiRPabef~GkhwfIZzd64FxDacXooQDmQZUuJvadMaBEUSST5RpYi7Ec4Am472fjuQVVOi-fTQ43NM3Jtb0JUIuoS1TIy-Kqw3690iqjc6zcuFqgm7IYPj340XEh9~qzlCRxVdotE1AI13mQFzXIZU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://gsf-cf.softonic.com/a50/76f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=72886&instance=softonic_br&type=PROGRAM&Expires=1443679578&Signature=hbULXv-D4KybY0Fj0XaWIxjeYVT31OVSu6x~com9WkqXV2sTmNe88L9JCbsM9dRrAEm16yntJ1CZIkO4j~ttDXs9xB6ctx3cXu2ebAl6fPn0lQp9naTmu05DofsWlyEbf-BbFPKvV12Fuq8rQ0znOTy4OGupBv9vpIzIersTVOw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=ScratchInstaller1.3.1.exe

http://download.scratch.mit.edu/ScratchInstaller1.3.1.exe

Scan scratchinstaller1.3.1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.