softonicdownloader_for_age-of-empires-iii.exe

Softonic Downloader

Softonic

The application softonicdownloader_for_age-of-empires-iii.exe has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from age-of-empires-iii-the-warchiefs.en.softonic.com.
Publisher:
Softonic

Product:
Softonic Downloader

Version:
1, 40, 1, 0

MD5:
9df2c4c98bd35b5d15c8aae64fca1a18

SHA-1:
dbce75692fbc0a6bc828eeebb7f15f66479a0184

SHA-256:
6470e40fa7172083d48f07bbe5e01e4c90b0a90775750a9af0cf05cba17c58c1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/19/2024 4:44:47 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softonic.Downloader (M)

Engine version:
16.7.28.7

File size:
468.8 KB (480,096 bytes)

Product version:
1, 40, 1, 0

Copyright:
Copyright (C) 2013

Original file name:
SoftonicDownloader.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softonic Downloader

Language:
Spanish (Spain, International Sort)

Common path:
C:\users\{user}\downloads\softonicdownloader_for_age-of-empires-iii.exe

File PE Metadata
Compilation timestamp:
11/12/2013 4:47:15 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:cTHiFlkI9s6dRi7X4+C9rr5TLeqvkQqoSNfMy0s4f8I:cTHEkBORij4+yrrlL+ffMw4f/

Entry address:
0x15F630

Entry point:
60, 3B, EF, 78, 04, 19, DA, 2B, ED, 86, FC, 19, F8, B6, CD, F7, C7, A1, 31, F2, ED, 89, EF, 89, D1, 81, FE, BC, 95, 00, 00, 69, D9, 21, E2, 30, 42, C7, C1, 18, 5B, 56, 63, 56, 68, AD, 78, 2B, 00, 0F, AF, D6, 0F, B7, D3, 8B, F3, 68, 9C, 03, B6, 00, F3, 85, D7, 86, C0, E8, 64, 00, 00, 00, 1D, CD, 26, B9, 2D, 1C, AF, 81, FB, A1, F7, 00, 00, 74, 02, 89, EA, B3, 0C, F7, C0, 9B, 33, 25, F4, 48, 81, C8, B0, 3A, 5E, D2, 86, D0, 81, D0, 35, 55, D8, 46, BD, 46, 2D, 00, 00, 80, EA, 97, 49, 81, F5, EF, 6D, 00, 00, 8B...

Entropy:
7.9720  (probably packed)

Code size:
352 KB (360,448 bytes)

The file softonicdownloader_for_age-of-empires-iii.exe has been seen being distributed by the following URL.