home

softonicdownloader_for_winzip.exe

The application softonicdownloader_for_winzip.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from winzip.ar.softonic.com.
MD5:
79a4e674d1c7606fe301751ac6dbc6ab

SHA-1:
4a8f3ba776ae1a912a7a0007a2a4a61d0562e10b

SHA-256:
0484f7634f00e561989e80b43c4adc921acd47908cb3575121a7f54e7b9d4785

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
7/19/2025 2:47:44 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Softonic.Bundler.Meta (L)
16.6.27.4

File size:
352.7 KB (361,149 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\softonicdownloader_for_winzip.exe

File PE Metadata
Compilation timestamp:
9/10/2014 5:42:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:CRdwyZ+TW2nQGj5faiVoHORtZ3P1SlKx/3N9aSuil7MC0pbQkHBoS9aKB2Iae:Yl+brVfavORr4lgd9aTtakhoS97L

Entry address:
0xF72C0

Entry point:
3B, DA, 97, 38, D3, 91, 36, C7, 8A, 33, BC, 82, 30, 97, 6B, 2D, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D5, 95, 3C, F5, A9, 3F, F5, A9, 3F, EA, A1, 3C, E6, 9F, 3B, D7, 94, 37, CF, 8F, 35, C7, 8A, 33, B8, 7F, 2F, B8, 7F, 2F, B8, 7F, 2F, B8, 7F, 2F, B8, 7F, 2F, B4, 7C, 2E, 98, 6A, 2B, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9604  (probably packed)

Code size:
316 KB (323,584 bytes)

The file softonicdownloader_for_winzip.exe has been seen being distributed by the following URL.

http://winzip.ar.softonic.com/.../3tjQyeLV3cjDp-Hw3sCixsiGa5-flZ-NoKSllpU=

Remove softonicdownloader_for_winzip.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.