softonicdownloader_for_windows-7-boot-updater.exe

Application Installer

The application softonicdownloader_for_windows-7-boot-updater.exe has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source. The file has been seen being downloaded from windows-7-boot-updater.en.softonic.com.
Product:
Application Installer

Version:
1.41.8.5

MD5:
8e0e876759ddd98f5b38488cdf99c041

SHA-1:
935b29c656f6aab7e84d4ba1bd8c7b9ce2f8bbb1

SHA-256:
b9c150ed8415c557da41032a6c8ab4df1e3efc578e845848fe18e8bb94a93bd4

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 4:54:50 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Softonic.Bundler.Installer.Meta (L)

Engine version:
16.2.14.21

File size:
431.3 KB (441,696 bytes)

Product version:
1.41.8.5

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\softonicdownloader_for_windows-7-boot-updater.exe

File PE Metadata
Compilation timestamp:
11/5/2014 5:11:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:rs3QAq1v/1Qfqi9qKeXe840ErIkUpoS8i65i9Ok8H:rs3N4/baQOR8Si65aOkW

Entry address:
0xFA0D0

Entry point:
FF, CB, 0F, AF, C6, 85, DB, 8D, 3D, BD, A4, F0, 0C, C6, C6, DB, 0D, C3, 43, 2B, C8, 85, C9, 02, FB, 8B, D2, 89, D5, 0F, AF, DE, 21, E8, 87, C1, 81, EE, C9, A3, 00, 00, 75, 07, 8D, 15, A6, DB, E8, D5, 41, 81, C6, 04, 01, 00, 00, F3, 02, EA, 88, E4, 81, FD, 3C, 92, 00, 00, 76, 02, 85, D3, 69, D7, 47, 3C, BC, E5, 89, D7, F3, F3, 0F, BE, CE, E8, A0, 00, 00, 00, 69, F6, 86, FC, 9B, 42, 75, 07, 3D, 87, CA, F2, 90, 8B, CF, 85, F3, 2B, F3, 0F, BE, D2, F6, C6, 69, 88, C1, BE, 71, C4, D0, 69, F2, C7, C6, DF, CD, EF...
 

Entropy:
7.9704  (probably packed)

Code size:
320 KB (327,680 bytes)

The file softonicdownloader_for_windows-7-boot-updater.exe has been seen being distributed by the following URL.