home

soundfrost.exe

SoundFrost

SoundFrost Company

The executable soundfrost.exe, “SoundFrost Setup ” has been detected as malware by 3 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from soundfrost.org.
Publisher:
SoundFrost Company

Product:
SoundFrost

Description:
SoundFrost Setup

Version:
3.7.8.0

MD5:
8826a359aa799a096bfd7cc985bc0ea4

SHA-1:
6418351d5ed0dc0388c88b31c9c9d40312eadcf8

SHA-256:
108e822f9c3ac4562b55b273d6d02706889be13339f1b1825c746cfd060ca6f6

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/25/2024 3:45:55 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Kazy.187808
7.11.144.18

ESET NOD32
Win32/SoundFrost (variant)
8.9691

McAfee
Artemis!8826A359AA79
5600.7140

File size:
21.6 MB (22,610,451 bytes)

Product version:
3.7.8

Copyright:
Copyright © 2013

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\soundfrost.exe

File PE Metadata
Compilation timestamp:
1/30/2013 12:21:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:iOTm4/9jj9pbr++YdiGdFcchZS9+aMDVIggiFKIw1Yb1T+TJdGh0fRDfLVI7SUNR:iOTm4bpX+dioH8+aqaikIV1T+Tc0/I/5

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file soundfrost.exe has been seen being distributed by the following URL.

https://soundfrost.org/download?referrer=http://.../search?q=soundfrost.com&x=0&y=0&form=MSNH14&refig=b37d360f4a5640ee9efa28c6d4d829db&pq=soundfrost.com&sc=8-10&sp=-1&qs=n&sk=

Remove soundfrost.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.