sweet-home-3d.exe

Softonic International

The application sweet-home-3d.exe by Softonic International has been detected as a potentially unwanted program by 21 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dthenard.free.fr.
Publisher:
Softonic International  (signed and verified)

MD5:
d3676fd34d655a6cd909b96b4235b267

SHA-1:
a69ab5b52cc87adc48879db3ed846a28a52534dc

SHA-256:
800e8314e2dbd851263a188ec257c554ca887f8d364a9d94e043a62278e6ac84

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 12:38:51 AM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | Adware/Win32.Softonic | 2013.12.09
Avira AntiVirus | TR/Agent.287048.5 | 7.11.118.128
Baidu Antivirus | Trojan.Win32.SoftonicDownloader | 4.0.3.14226
Bkav FE | W32.Cloda7e.Trojan | 1.3.0.4613
Comodo Security | UnclassifiedMalware | 17404
Dr.Web | Adware.Downware.20 | 9.0.1.057
ESET NOD32 | Win32/SoftonicDownloader | 8.9146
Fortinet FortiGate | W32/Cb.C!tr | 2/26/2014
F-Prot | W32/Backdoor2.HKKY | v6.4.7.1.166
Malwarebytes | PUP.OfferBundler.ST | v2014.02.26.07
McAfee | Artemis!D3676FD34D65 | 5600.7207
MicroWorld eScan | Win32/SoftonicDownloader.A | 15.0.0.171
NANO AntiVirus | Trojan.Win32.Downware.nqsni | 0.28.0.56582
Norman | Suspicious_Gen5.CQIV | 11.20140226
Reason Heuristics | Bundler.PPI.Softonic.N | 14.2.26.19
Rising Antivirus | PE:Malware.SoftonicDownloader!6.975 | 23.00.65.14224
SUPERAntiSpyware | Trojan.Agent/Gen-SoftonicDownloader | 10759
Total Defense | Win32/Softonic.A | 37.0.10498
Trend Micro House Call | TROJ_GEN.R047B01KA13 | 7.2.57
Vba32 AntiVirus | Adware.UnivDowner | 3.12.24.3
VIPRE Antivirus | Trojan.Win32.Generic | 24138

File size:
280.3 KB (287,048 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sweet-home-3d.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/7/2009 1:00:00 AM

Valid to:
9/8/2011 12:59:59 AM

Subject:
CN=Softonic International, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Softonic International, L=Barcelona, S=Barcelona, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
707E68E6802EEDABC3757C9005AC1028

File PE Metadata
Compilation timestamp:
1/31/2011 1:41:37 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:mfurLgmvI7Vb8hOkx5CSf7oYte13FwxrmM+GCQNRQAoz4oSpC0:BAuU4rfxe1VpMT54A/oSpC0

Entry address:
0x4BBFF0

Entry point:
60, BE, 00, C0, 87, 00, 8D, BE, 00, 50, B8, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 0A, 93, 4B, 00, 57, 83, C3, 04, 53, 68, E1, FF, 03, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 

Code size:
260 KB (266,240 bytes)

The file sweet-home-3d.exe has been seen being distributed by the following URL.
