» softonicdownloader_for_internet-explorer-7.exe
Overview
Analysis
File Details
Downloads (1)

softonicdownloader_for_internet-explorer-7.exe

Softonic Downloader

Softonic

The application softonicdownloader_for_internet-explorer-7.exe has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from internet-explorer-7.en.softonic.com.

File name:

Publisher:

Softonic

Product:

Softonic Downloader

Version:

1.41.0.0

MD5:

661711f16de63943d91680186383582a

SHA-1:

565df9bd3f68a4f95bf3af69e95047a7a41a4fe8

SHA-256:

a33880946d18eb273d5b406949790f7d146d53d6d6f3bf0133f6125cab0fb5a5

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/19/2024 3:04:43 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Bundler.SoftonicDownloader (M)

16.2.8.1

File size:

426.3 KB (436,568 bytes)

Product version:

1.41.0.0

Original file name:

SoftonicDownloader.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Softonic Downloader

Language:

Spanish (Spain, International Sort)

Common path:

C:\users\{user}\downloads\softonicdownloader_for_internet-explorer-7.exe

File PE Metadata

Compilation timestamp:

5/21/2014 5:24:17 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:IqTnQVSvi3RD8Daw9bINe9elMoSF7sYuJeZ87:VTnBCRD8ewSQek7snJeZM

Entry address:

0xEED40

Entry point:

18, D1, 88, FE, C6, C0, D2, 8D, 0D, DB, 65, 4E, 2B, 80, C8, 4E, 8B, D0, 01, D6, F7, C0, E3, 82, 30, 3D, 03, F9, EB, 05, 84, D7, 43, 8A, E9, 68, CC, 56, 86, 00, 68, 27, 2B, 19, 00, 0F, B6, F4, E8, 60, 00, 00, 00, 89, CD, 0F, AF, C8, F3, FE, C8, F3, 81, FA, 83, 51, 00, 00, 83, E3, 00, 8D, 2D, FA, B2, 5C, E4, 0F, AF, F8, 1B, F2, FF, C9, 77, 03, 0F, AF, C6, 81, C3, 98, 71, 0C, 00, C7, C5, 19, 9F, B3, A3, 69, FB, 8E, F1, 97, 11, 80, FD, 6D, 81, EB, 97, 71, 0C, 00, 3A, C2, 0F, AF, FD, 69, FE, A9, 82, BD, 9A, 02... 
[+]

Entropy:

7.9703 (probably packed)

Code size:

308 KB (315,392 bytes)

The file softonicdownloader_for_internet-explorer-7.exe has been seen being distributed by the following URL.

http://internet-explorer-7.en.softonic.com/universaldownloader-launch

Remove softonicdownloader_for_internet-explorer-7.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.