softangodownloader_vlcmediaplayer.exe

Softango

Softango Technology LLC

This is the Performersoft setup installer. The application softangodownloader_vlcmediaplayer.exe by Softango Technology has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the InstallBrain installer. With this installer, users are expecting to download the VideoLAN VLC media player but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware. The file has been seen being downloaded from www.softango.com.
Publisher:
Softango Technology LLC  (signed and verified)

Product:
Softango

Version:
1.5.3.14

MD5:
7cbaecb773121695085f697293df63f0

SHA-1:
71fe0ad7719411a3f7e985018094368c6da28f5e

SHA-256:
bbd7aa365052009bae04765fc982d6d2345a68f477801f2857dabcd3b25683bb

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/6/2020 11:05:43 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Performersoft (M)
17.3.13.20

File size:
2 MB (2,124,504 bytes)

Product version:
1.5.3.14

Copyright:
Copyright 2013

Original file name:
Softango.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
InstallBrain

Language:
English (United States)

Common path:
C:\users\{user}\downloads\softangodownloader_vlcmediaplayer.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/18/2013 9:14:11 PM

Valid to:
12/18/2016 9:14:11 PM

Subject:
CN=Softango Technology LLC, O=Softango Technology LLC, L=Beaverton, S=Oregon, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
277EA1EB753393

File PE Metadata
Compilation timestamp:
12/25/2013 3:21:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xED725

Entry point:
E8, 4E, B4, 00, 00, E9, 89, FE, FF, FF, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A0, 01, 00, 00, 81, F9, 80, 00, 00, 00, 72, 1C, 83, 3D, 60, C0, 58, 00, 00, 74, 13, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 05, E9, 2D, 5B, 00, 00, F7, C7, 03, 00, 00, 00, 75, 14, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 29, F3, A5, FF, 24, 95, A0, D8, 4E, 00, 8B, C7, BA, 03, 00, 00, 00, 83, E9, 04, 72, 0C, 83, E0, 03, 03, C8, FF, 24, 85, B4...
 
[+]

Code size:
1.2 MB (1,239,552 bytes)

The file softangodownloader_vlcmediaplayer.exe has been seen being distributed by the following URL.

http://www.softango.com/.../63213

Remove softangodownloader_vlcmediaplayer.exe - Powered by Reason Core Security