home

softonicdownloader_for_utorrent.exe

Application Installer

The application softonicdownloader_for_utorrent.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from utorrent.en.softonic.com.
Product:
Application Installer

Version:
1.41.6.16

MD5:
b48afee9a25e08d2b61136f0a5c2cbde

SHA-1:
78730306ec2e112f931461772e74e45be7707a04

SHA-256:
cf006f3af5958b9a3d94eca7cb1491cf7ad57d358444acd4a7c06c19b9b7445a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/27/2024 2:28:17 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Softonic.Bundler (L)
16.8.3.19

File size:
439.8 KB (450,376 bytes)

Product version:
1.41.6.16

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softonic Downloader

Language:
Spanish (Spain, International Sort)

Common path:
C:\users\{user}\downloads\softonicdownloader_for_utorrent.exe

File PE Metadata
Compilation timestamp:
9/15/2014 11:27:41 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:NQxD87vtgDXX07RNGpRpIoSJRu61iEyn8F:l7vtg4cpaFiDne

Entry address:
0xF7260

Entry point:
60, 88, FC, 8A, E8, 68, BD, A9, B4, 00, 68, 1E, 29, 36, 00, B2, F4, 88, DC, 4A, EB, 04, 09, F7, 86, C9, BF, C9, C7, A5, F3, BF, C8, C0, 3B, 09, 69, F8, 80, 6E, FB, 6E, 3B, C6, 51, 31, FD, 8D, 0D, BF, B6, 4C, 16, F7, C6, 82, F9, A8, 75, 5A, 8B, C1, 86, C8, FE, C9, 12, C5, 2B, DA, EB, 03, C6, C5, 7D, FE, CB, 56, 68, 77, EE, 9F, 00, 19, FD, 40, B5, 63, 13, EA, 0F, B7, ED, 72, 07, 84, C1, 8B, FB, 80, FD, 62, 3B, F1, BA, BE, FE, FF, FF, 85, D0, 89, C1, 81, C2, C1, 0E, 00, 00, 30, C8, 81, FF, 70, 95, 00, 00, 71...
 
[+]

Entropy:
7.9702  (probably packed)

Code size:
316 KB (323,584 bytes)

The file softonicdownloader_for_utorrent.exe has been seen being distributed by the following URL.

http://utorrent.en.softonic.com/universaldownloader-launch

Remove softonicdownloader_for_utorrent.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.