» sosintwr.exe
Overview
Analysis
File Details
Downloads (13)

sosintwr.exe

Steganos Online Shield

Steganos Software GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from www.segurisoft.es and multiple other hosts.

File name:

sosintwr.exe

Publisher:

Steganos Software GmbH (signed and verified)

Product:

Steganos Online Shield

Version:

1.4.14 Rev 11225

MD5:

533c452dbe2f47152fad89d281ff1ebd

SHA-1:

be9f33b2f2564c76b721d9a0a7f7af1ed758a41b

SHA-256:

4f6405ca258d4cd77bec6df9b1821c107a499b9b7cb39b0ce1e45028e8a99763

Scanner detections:

2 / 68

Status:

Clean (2 probable false positive detections)

Explanation:

These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:

4/18/2024 7:49:17 PM UTC (today)

Scan engine

Detection

Engine version

NANO AntiVirus

Riskware.Nsis.Adware.dqabed

0.30.24.2086

Zillya! Antivirus

Adware.Steganos.Win32.1

2.0.0.2591

File size:

39.1 MB (40,947,936 bytes)

Product version:

1.4.14 Rev 11225

Original file name:

setupwrapper.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\sosintwr.exe

Digital Signature

Signed by:

Steganos Software GmbH

Authority:

GlobalSign nv-sa

Valid from:

9/10/2014 7:10:01 AM

Valid to:

11/3/2017 8:55:47 AM

Subject:

E=certificates@steganos.com, CN=Steganos Software GmbH, O=Steganos Software GmbH, L=Berlin, S=Berlin, C=DE

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112127389AB528A3A8EC995621C824069818

File PE Metadata

Compilation timestamp:

2/23/2015 6:10:14 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

786432:A1h99G2l8YXQ3wKSigqn51IIjeF/uyb86FPKNR6Im9gRMA60Z/Rp1dLMv:iBef551JHGPbeMA6ORp1dLu

Entry address:

0x10BF6

Entry point:

E8, 3F, 8B, 00, 00, E9, A4, FE, FF, FF, 6A, 0C, 68, 90, 86, 42, 00, E8, A0, 44, 00, 00, 8B, 75, 08, 85, F6, 74, 75, 83, 3D, C8, C5, 42, 00, 03, 75, 43, 6A, 04, E8, 29, 8D, 00, 00, 59, 83, 65, FC, 00, 56, E8, 51, 8D, 00, 00, 59, 89, 45, E4, 85, C0, 74, 09, 56, 50, E8, 72, 8D, 00, 00, 59, 59, C7, 45, FC, FE, FF, FF, FF, E8, 0B, 00, 00, 00, 83, 7D, E4, 00, 75, 37, FF, 75, 08, EB, 0A, 6A, 04, E8, 15, 8C, 00, 00, 59, C3, 56, 6A, 00, FF, 35, F4, C2, 42, 00, FF, 15, 74, 40, 42, 00, 85, C0, 75, 16, E8, 2E, 28, 00... 
[+]

Code size:

139.5 KB (142,848 bytes)

The file sosintwr.exe has been seen being distributed by the following 13 URLs.

http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=PE&sid=83ab235fb9a5fb5c504bfa81dae8759b&upv=e0d97bc100a9d3338c73b2f64d24dfa8&z=download-cpd&sk=3143&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B75AEDE52A51F4E0CB8724DEDC93887A36B3E2F882C4D215AA8FC4831EE615AE4D23295C894F1B3DA3B5ACB693FCE789E930F016ADFB0DD066FDC8146C29A3F2695916054E423F5CF7C54FEC9B94AA690A&h=E85393B9A87A33451615AD351FC13CED18FB5BE8416748D7A6652B021116EC5E&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=MX&sid=4de557737ad76f00ab7f099bbecb81e5&upv=3cf7c157873e7d4a870c4a07485e68b8&z=list&sk=3130&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F2DAB019A2D5A8EA1C17ADDAE5C4F9D20234223C1283CBB83C37918D214670436A665B44662B5E7DF3032FEBA77560EBBD007B5C5B8D4EEBBCA0FE04C9CC7254A431B4C61FC87C1DFCDED42D457E1D41FB17DAA196F72EA2FA25DB4AEFCCB98358E20B2821F7F9A007EF63008D8E6016FD5C9F371A170D667445AF7BAB0EF095F3&h=6241E52FD9E24206929B0B9F44358F790D1CB8F807E4C1CC54E703C81A1C1499&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://steganos-online-shield-vpn.softonic.com/descargar

http://www.softonic.com/sads/tracker.php?ev=c&co=CO&sid=aabfb75cd459fb768501fafb937b3ff4&upv=bc697ccba551e43f9db6abf1d29346d4&z=download-cpd&sk=3144&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B75AEDE52A51F4E0CB8724DEDC93887A36BA989FF20F7A47D32DE7B2F6CAF5A04DF495791EA1C01DD4A8F96D2D0A7C581281650A871137399CFA2C4614002830929DD6D62DA5247E73B535E5C12DCA007E&h=EECE67F022472CD4A08288C29AD2EBB3C3EC21C3E14B084E1C155223A7F87FF3&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=VE&sid=210ffd78d5296dbb6219ca44645aee84&upv=e3466b8900697054f2ce835160abadae&z=pp_warning&sk=3140&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEA5A4B93508608FBAFA16B0EF0DF8669773503165B80BC88BE2449F5BD485BF5E68B6D4F77B3ECB5ACAC8401F89317C4E4A5EB893ADC54B00935AE63757C9908CE4F4045A1E15712A220F537286063752B4C6057B0B4FB2DCB3F816DD68BAF17DB44E869473CF1C97376C1B0D8A3C7EA79A4BE05ECEBDDFD5EDC417124ECF748A8&h=69DE3E11C960009BDA5DDEFC88C001E66E0EA7547D7BBCE2D860765961F46B78&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=CL&sid=b5172e4415bfab4beae3074f6366d912&upv=d79960bacbbeae56bb835e70b14d0132&z=download-cpd&sk=3144&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B74DE19C0FB5256D3EFAC348089474B182B2BE5607E7265F828AFFB6F4A225F2590D88BB51CFFF8D3F858414445BA054E6E938DDB0CECE7C8A649D7AF38125584EC28EBFA10593D61D753A0D78FF903EAF&h=C34F45F19A0DA9234D3A9D89A6BDB386BBDE006B41F9BC5B34C054342C9F6FBF&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://t2.softonicads.com/tracker.php?ev=c&co=CL&sid=08b3c41c36fdc513081e13024ec0e259&upv=6251b82194b382ba768cc18a64e85dac&z=download-cpd&sk=3131&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B7FFB0ADF1B301FFE64BA0D27D5CE4E90A00D8AD44A1A3A5AF34D8A4E940A0AC2990D112D4B4ED5CEFCED6F9C247F6EC323DF3A3738B58125EF7024B3D84C6170BCB96CC3B96E8DE6285A6F27189EE56B4&h=D9159F532AFEC1B2D67DA7549E8E5A7CB448DE11FC141873E7DBE651B7E7E3FE&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=CO&sid=ad8676d54e1e329b93501b2a33e93fb9&upv=13270165d47b2747b802443dfb0d3b70&z=download-cpd&sk=3144&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B74E341C3BEAD6BA92BF712809A88745A5900DC0F152B05ADFE629364F3379489A60519734CFE2B8EE0BA09C1D3532CCCC49049A5868903EB8E653E00FB2F35EC8609B7CCEADE77FCA516D38CE1C06579D&h=C823C779E83D58DC67DD58C8C00B521BD203ECC027F2A88646586D83FFEACC9B&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=CL&sid=db7ec062e9182d8a1bbe2d8687885b81&upv=f8c96dff42aaec915073396ce827bf18&z=download-cpd&sk=3140&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B74DE19C0FB5256D3EFAC348089474B182860D48C23FFF022950A85DD323222FDFFF38B61D2AB2443BB4AA8EF36D35CB31FD8DA2EF5E737D04B8356ACC1F124563D8D0B1849F1106C8B98DD5D91A9CDAB1&h=CB38BC44527B3A5B47AB4C5A2049CE7EC6C54F0D5A541595EDA2EC7B5D5878E1&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=AR&sid=20d7ac31b3698417ceafbed1c8ff5bc9&upv=d652bf0ce9f64906170220ad5b880dae&z=download-cpd&sk=3144&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B74E341C3BEAD6BA92BF712809A88745A50C22AD426CADED1AFD85ADD4085090CEBD1A91809EA95CF18EC78F0244D467668C57C8B6FD6DDDC9052A9C42D559E12723C4488DC042152AAA8AE4A515D47823&h=6F349FD04365DF9BE83977E8DCDFBDF973AC61E095AD074BD4E2891223CC5462&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=EC&sid=def51ed02db512292845e0b269074d87&upv=1872c79a2fa9573c954941ded55ccbb1&z=download-cpd&sk=3130&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F26BD8E26C5D6F4F4776204997EBA3AEEACB39829447002032987B9E72DDC327B941E32618F899B357F19A2333AFF2C2B74E341C3BEAD6BA92BF712809A88745A50A7FE8272F036845617173FE5B03D6E4C6808D3BE357B6BAF764614A42E12D464339C353F96D0322468C72937B984FB7F717079B04733DAC6AF3AA8018211445&h=8E4822B66806C3C62670FDE9DAE6C66892CBE864DAE8AE900F234EF1B04469A3&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

http://www.softonic.com/sads/tracker.php?ev=c&co=MX&sid=18b84921eae9b640f31b2b821724fc7e&upv=af3b7ee129d0d1f19234d2a74e2d699e&z=download-cpd&sk=3131&abp=0&params=F24F8F4D368AFA5D32C8A90D9EFD1CBAC9B15663BFCC32A4B420C96190DC24F2DAB019A2D5A8EA1C17ADDAE5C4F9D20234223C1283CBB83C37918D214670436A665B44662B5E7DF3032FEBA77560EBBDD4CE8F2D560F02DD89689FFFB2298015F8D05F16DC02B12953CA553F7B53917E9F5AAF2178EBA622720C22AB4AE66797E5148588085EE4AB4D2B5FBE462E600815476346F51E582943F54E0586136EE9&h=CB0821F8E885EA8EED5070AC105E061656A3822F70B953C347C5DB15221E69C7&directdownload=1&f=69687091&d=http://www.segurisoft.es/software/Dwl_portalsa/.../sosintwr.exe

Scan sosintwr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.