home

setup_multitimer.exe

Multi Timer

Johannes Wallroth

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from multi-timer.softonic.com.br and multiple other hosts.
Publisher:
Johannes Wallroth   (signed by Johannes Wallroth)

Product:
Multi Timer

Description:
Multi Timer Setup

Version:
5.4.3.0

MD5:
1d0b77550f5289e9a573a29c4b3cd851

SHA-1:
877bbec2d8be8d8d4cf308848a4db1aa2d86f0f1

SHA-256:
78dda70dfa39b37ed11fd97c5394fb4b520d92836263de253c733a32b29ee6be

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/3/2024 3:40:41 AM UTC  (today)

File size:
2.8 MB (2,969,144 bytes)

Product version:
5.4.3.0

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Digital Signature
Signed by:
Johannes Wallroth

Authority:
COMODO CA Limited

Valid from:
9/29/2015 2:00:00 AM

Valid to:
9/29/2018 1:59:59 AM

Subject:
CN=Johannes Wallroth, O=Johannes Wallroth, STREET=Beerbaumstr. 1, L=Berlin, S=Berlin, PostalCode=13125, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4A3A571C7DF687892431316F5E2C346C

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:I9t0XiEtVay+zqSWJjaNU+ao72z76DNwq+d/y/f7sDp2GCC6JLSrPaBHAJB:CmXBCy+PWJjmCGNHqyrsDp2FvVuI

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file setup_multitimer.exe has been seen being distributed by the following 5 URLs.

https://multi-timer.softonic.com.br/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAPNbFIbvPqwG59DNzhKGKPopOS/16MIOzRwqccoV7ljLstbONYnpcTSMPeWjvCYZEAYEGeICVXcANWz3C1entvlwjft//.../xpQLPNdZzjwxD5Fx28ObUUPv8Ao=

http://gsf-cf.softonic.com/4c4/d8b/.../file?SD_used=0&channel=WEB&fdh=no&id_file=30132&instance=softonic_br&type=PROGRAM&Expires=1480906815&Signature=J8S3yHibnhtGNe19T-NDm2wYjLbEtAtxIKdcIj290~PUWL2~~2a6gEAXEHi8j~Q8DwXZw0sdk0mCnsmobjQxY-9G9KZUk3s-4kv2biKeyqT~cNT62Kyc7A1Tsm63wunzp5VSvNU9aZ6cGDveztmhuTKV0poBz2pwFgux6WEoO~s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=setup_multitimer.exe

https://www.programming.de/.../setup_multitimer.exe

http://www.programming.de/.../setup_multitimer.exe

https://multi-timer.softonic.com/.../trmsvRChbxdrflJq3ZIylWt0sI8aa3KPl0C9oyM84N0MfBu0Uc p0awMca3IyQxMJkLfPQgZvaJTg4dsFytdErc7 iwxufsEzeXBqXoCIPdqj43sS 7qHBdgylFkmXfFkjTfkReIfVNEDFd9oDOFJUw=

Scan setup_multitimer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.