softonicdownloader_for_teamviewer.exe

Softonic Downloader

Softonic

The application softonicdownloader_for_teamviewer.exe has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from teamviewer.en.softonic.com.

Publisher:
Softonic

Product:
Softonic Downloader

Version:
1.40.7.0

MD5:
ba03bc0e65ab58602b1c8100193e675b

SHA-1:
7b631e9910f68125aeb906c24639de5221e79f4c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/26/2024 4:18:45 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softonic.Bundler.Meta (L)

Engine version:
16.5.26.8

File size:
446.3 KB (457,032 bytes)

Product version:
1.40.7.0

Copyright:
Copyright (C) 2014

Original file name:
SoftonicDownloader.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softonic Downloader

Language:
Spanish (International Sort)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\softonicdownloader_for_teamviewer.exe

File PE Metadata
Compilation timestamp:
4/23/2014 2:21:29 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:PZ99wWh1s2WXiWXXGUImcyGmQoSZDUe8O:BhQ2WXiWkT5pB

Entry address:
0x52DD40

Entropy:
7.9708  (probably packed)

Code size:
336 KB (344,064 bytes)

The file softonicdownloader_for_teamviewer.exe has been seen being distributed by the following URL.
