» soaoth-70186741-us.exe
Overview
Analysis
File Details
Downloads (5)

soaoth-70186741-us.exe

Sony Corporation of America

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from www.ranchmetabits.com and multiple other hosts.

File name:

Publisher:

Sony Corporation of America (signed and verified)

MD5:

85a5d43e750b778c44e0288dbd9e685c

SHA-1:

e3048ebaf6129fe064b67b952cdee24298b55499

SHA-256:

72a548572a9d93f2a880e61e22c1f4a816aa77d97d63fffa0ec959c9a846ce99

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/19/2024 7:16:59 AM UTC (today)

File size:

364.2 MB (381,863,728 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Wise Installer

Language:

English (United States)

Common path:

C:\users\{user}\downloads\soaoth-70186741-us.exe

Digital Signature

Signed by:

Sony Corporation of America

Authority:

VeriSign, Inc.

Valid from:

12/10/2008 1:00:00 AM

Valid to:

12/16/2009 12:59:59 AM

Subject:

CN=Sony Corporation of America, OU=VAIO OF AMERICA, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sony Corporation of America, L=San Diego, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

610FF7EC579DF764F8B2D4A4570D9ED2

File PE Metadata

Compilation timestamp:

4/8/1999 10:24:47 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

6291456:J5uNpK8eZZNZAFxb/8daoBeUyxdZNkozLNt8C++7GFHbOKl2hiLoJdDlFQt+di6S:J5uNULZALb/8daoId76C++7+OKl2hLQj

Entry address:

0x1000

Entry point:

55, 8B, EC, 81, EC, 78, 05, 00, 00, 53, 56, BE, 04, 01, 00, 00, 57, 8D, 85, 94, FD, FF, FF, 56, 33, DB, 50, 53, FF, 15, 34, 20, 40, 00, 8D, 85, 94, FD, FF, FF, 56, 50, 8D, 85, 94, FD, FF, FF, 50, FF, 15, 30, 20, 40, 00, 8B, 3D, 2C, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 8D, 85, 94, FD, FF, FF, 68, 00, 00, 00, 80, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 7B, 01, 00, 00, 8D, 85, 90, FC, FF, FF, 50, 56, FF, 15, 28, 20, 40, 00, 8D, 85, 98, FE, FF, FF, 50, 53, 8D, 85, 90, FC, FF, FF, 68, 10, 30, 40, 00, 50... 
[+]

Packer / compiler:

Wise Installer Stub

Code size:

512 Bytes (512 bytes)

The file soaoth-70186741-us.exe has been seen being distributed by the following 5 URLs.

http://www.ranchmetabits.com/ 53y_kdaWcZJN5 GGFrg9dF2vl_Tl65hPewyo15YgUFYX3WSe _VUMz6cAGgtTPIjZRkZnJdBtfGsUFfFk9N0Lp4ttBuge0sx4QZ3F5RMA dTX3sIBeuY4ln2SuOF1SjLcWQpmQpqAGnVwCFwHx wQRUFBMXyJnhy63NskOFu4nq1u5eJPY=-G_ECAGSqLfT5IIJYkhosrjXmEDGYyAF7Wwwxn8TeGweerDHyswjMLT3GvC_Oz9HveE8UsunQo BdCNh3S9ePAlKOsGRfw UjI1tjQj kVK3RtHnwFnc5to8iE Yo7cz6U7sfmlOdrrQ8dgzwC9_CPeLZpkqHynb5 V48H Sr8hGfi2z3OWy6LVGJnls_Y8y2kplckhdPtmO0CMQXHndFeaTvjvy3rsuxtQPepGaPP36cKLgGm407svU1EYRi6AVcWENgZQaZfMDep3bTs38j2KZLdZyN9e5Do45zltr_TcQ35jl9YFKKeIjYYoVmsk_OoDFG6M7Zcr_kXWpS2Pe2Pv NsmJYB0o0yEcIVKtx7kWvcdXBP_i SFzXzqzJFxVUhlR9H3VsdnmW4QRzBvlUXthp7FdatLKzBBewkuOdacv_1FdXOhoUrzOdI qqOrzWvJNQAcxsVSMApetmctilAobxt0JkVl2nqFJNBI4kZeeTcvXWjnYnJ8Cl1lscfLd bH Py9XEm0MyTl2mTZS3jxvRmt1VNozfj36SevtKYB0v5m88UkQkiBg60STy0GD6ANhrFmsgPu7swW4kcNWzphQpJje9tuQapcs1385cOY8b AfMXjs4DT0TkzQ3RnEaQ_pguD7tG0iF59NU7ffzJsM0Xga5Qx7KV2D9LD G_HNrVEo_w1VzdcVu7K7__lVEeIbRvcxppdyaMiwmaoeVDzMr2AvFDaOCeCTVATvPpW7QVD5NIE5y1ws8a14iGC5kZWaPspEBf9TsRPUlbnwtAA

http://s02.download.sony.com/BR/.../SOAOTH-70186741-US.EXE

http://dlv.update.sony.net/US/.../SOAOTH-70186741-US.EXE

http://s02.download.sony.com/US/.../SOAOTH-70186741-US.EXE

http://s02.download.sony.com/LA/.../SOAOTH-70186741-US.EXE

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.