» tbs50trial-win.exe
Overview
Analysis
File Details
Downloads (21)

tbs50trial-win.exe

Toon Boom Animation Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

tbs50trial-win.exe

Publisher:

Toon Boom Animation Inc. (signed and verified)

MD5:

f906c9caa79508f3bdec1f59955798b1

SHA-1:

dbeee2709a417b73aafd6a3de27a266ac5239985

SHA-256:

fa0efd0b20bf7e4251564f5a4af2be26c09fca2340338bcd35d6e6b810931857

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

6/17/2024 2:09:57 PM UTC (today)

File size:

73.4 MB (77,005,032 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\tbs50trial-win.exe

Digital Signature

Signed by:

Toon Boom Animation Inc.

Authority:

The USERTRUST Network

Valid from:

9/25/2009 2:00:00 AM

Valid to:

9/26/2010 1:59:59 AM

Subject:

CN=Toon Boom Animation Inc., O=Toon Boom Animation Inc., STREET=7 Laurier East, L=Montreal, S=Canada, PostalCode=H2T 1E4, C=CA

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

51868F27AAB44818BDD8CD34AD7210F9

File PE Metadata

Compilation timestamp:

7/23/2007 7:30:02 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

1572864:GPAVDhBIxyTyQKVvgWkTYx0z1MbtN2cnXiZQg7QkWcdr:8CDhBIYeXvvkpWHQQcdr

Entry address:

0x7EB8

Entry point:

E8, 19, 28, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 10, 75, 20, E8, A4, 15, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 35, 15, 00, 00, 83, C4, 14, 83, C8, FF, E9, 80, 00, 00, 00, 8B, 4D, 0C, 3B, CB, 56, 8B, 75, 08, 74, 21, 3B, F3, 75, 1D, E8, 75, 15, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 06, 15, 00, 00, 83, C4, 14, 83, C8, FF, EB, 53, B8, FF, FF, FF, 7F, 3B, C8, 89, 45, E4, 77, 03, 89, 4D, E4, 57, FF, 75, 18, 8D, 45, E0, FF, 75, 14, C7, 45, EC... 
[+]

Entropy:

7.9990 (probably packed)

Code size:

60 KB (61,440 bytes)

The file tbs50trial-win.exe has been seen being distributed by the following 21 URLs.

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1478062607&Signature=Ev6ASu0ID8UD~zf7ynj-kmOsc2tBMtt2jhk6F~UvIB8MQPoJsCHQ8WzYxJlqtM~rg5V4x0lKBkuDT4c-OtGrLXbP9ZMYX35ytie9rU5eiVAFnc0r0kE7-0BJTV57VlMjf8lpoQ-27kWGRM9wp-FjiPWAuCc62HXr0O7XEulH5Fk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1458803559&Signature=B4NlSNZrC0JVpdE56l5q2l6cYzSS74LD3~hj7dDLwsxEy1qEeDbdxcj5GChNnWJRx11~HQe38yKCRbcPZ9QaAM2tWyuMsgqNxkzkIwvf2MwwNWwSfe6Fcwj85bpksZsm-PX7RirGM7Spye4lq5o4nKYVsxWWTjslsBC1tDg10IA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_it&type=PROGRAM&Expires=1458117235&Signature=dSARIiTBg6pOJvhfniGOkFk-ff662DodISe4DWRP9AfBEoPluP2myRcHKl4yM7xDEjIuMV-4C-FucKw4PUoNm~va1hkMFCSB5-jppFkDbo2waT~aYtvfWUk0FxZgf6DGT-9f2V8xRqGUd1bPSBr~H4N8NRF57MGehFn6mzhlu8k_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://www.downloadpresentcity.com/ochyl2QKSFCeZAVXbz rAr dSNgK6zXiRWfH XsBTWldQF_EKFt50ikuLyfFhdUy90VXJNFqlZMEQjuBnPwUMeTmAtQcA_OWt5D9edxr5TFIuQz1vcw4aXJZPCdPqjtn8TaRD__Hn4KabnXgXzhqGJ3cPB8 IOD3kFZ1aTA1hp98UK4HFwG60v1y8bg2Deet1CXD1Yj57rljtGYCBJ3cqiU_Aiyp6A==-GxkDAGS ttEfD2xA6_4khkrJC09KxSGHhokcsLfFEPNJ7L1x4MkaIz LwETF2lew3p4rXPAeywsiLnX01NC3ZD2SxTU8cKZWaXWyNZdXBEcwozcvOsyXyQ2vIW4fmEURBNYcn1FhMypISXF H2ViUg0l0jtj5Uw7bQbzsF7G6C6UY3VeVQvlLk7YM0XcbedZ7k0z0Gp9WofUraEHsRxZ4fH4XrR9AvkIwoCV0P2I lpXsWABuTq2ZUIV8fQybejj MwqWKeX7wRL3NVzJA89cyqvPooY0upYckP2Om_Dg Lu6ftOK1Usuua761xsYzNcSmSdWe52VNwFPaxbVt6mBo30RafZ_jAt3oD55MzeNGiTIcvhBsRZJS92d_nnjBg5GkXAegPqpoFK_DD4qKlIQDa3RqsNiovu7OnQZJ5JMDdC1GPKVlkIWrDoOcEN1Anzu5LK6YbDBhxXDWswM0NFkESxeAvP24nltxp1V84VEDB09qIwGOVevAbWoSkV65uMPX2_WvPbN7hKwBHvozqSrz8cZwHrMFG7uEsmwalsn5zPXhVW5JoZ_Mzo8PQx11yqxSn_WuB9bKtmf aoaNFzNsCTJmluTKo8q5kOdXjzHQcCyBacwl0kW_EivBbGXJ5VhFLOt9FlH1m9JR_uRsBW11HAHB3VmKY0A1xTBG0T1NLcosKvPmhnqz7M9vkqQeP5ZYHzPa1PC Kq9NZazE F4HneCkimsWEJ9XEj

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1476168024&Signature=OXcGBVOBV919e3dIyWBqDTQYGxuVaZH2qk20Al6G~Eta2l5C4ektxVfpGowoAZllrj~UVzBZ3IsutNIret~YC3MAW3tdDZan~C3R5vK-dMiuWw9tHZnvfZntttNzpSoEXLchy~bbqGVMvKkzyrq5vB7REOeIBfNezHfofvK7m3o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1476104580&Signature=iFAHfA~FfYiYAVlUFQeGYc4jWjoi~Dy64FOFOzXc3vhDyrDsXhi-OMPsM6riYOLrL0VW~gDkN31k4odwwJcVJy~CorSE1FkVF5oiJ3f8tBZBU-IyRbFaFJwqYsNibwlSsrtr6ewMFA6-L5EbS7l4eR1CaggBjPpzNGJzz3LLK5Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

&onid=2186&oid=3001-2186_4-10450882&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=design/animation&topicbrcrm=&pid=11081515&mfgid=6276348&merid=6276348&ctype=dm&cval=NONE&devicetype=desktop&pguid=7f2726078ddbbb67738df053&viewguid=bXoA26PIlTnb@XDtHvw8vcsxVEIHnsWiG0cf&destUrl=http://files.downloadnow.com/s/software/11/08/.../15/TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1478174931&Signature=fwLpxjvknirdy5TpamWojgvf0lAQ4mR8tONW-rTeoIZiTGNmMW~3qudcXKAaP9Q2vw517nH~NFbgv8TRMA9tH~64D1e4KoCH3rD638NpXs068f6M0S~TICbOUxjlEn3NpqKzFORVqn1~SGpY64AZLIiGrdHqK3HN9h4jk3SdAs4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1476952422&Signature=SsEPGS5CACO1MAi9~okFfTDxO3oRg5ez8t0GlzXQnCyBV2362xGn71ECJR6jm4KakdO4SDgc1zZtidouwA5KesisD3za1DAt3xoZgLGLeMmOBXqZBkl-3HT6dIO-J~qiCbaUE0BE9MOVjRw2697YeTuCzizexUidhQkZtxM0C~o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1479889075&Signature=CSwM3p9hsTgJmZb4aehf~oARsU-Rw2kQx2ZDAapg35g12w6SN2Jmi7D-1YRsoOcWlFMwB0MvhsJ2VOGT9vU0MOUmWK3qUyhoxxfgrlgpkYk5xILoDQvwkJQi4S9JsFYI7RhIq0bcKQYq2prkhm3TkyiU8fNzhbshdeFacIdvCHQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_it&type=PROGRAM&Expires=1473584024&Signature=eiUAO0boytOY~sT5~SK6zOFTPsYRKfftxwdLsWB9WdoMSqVwHHVarGBDvRgN3sBiHDd9J2FrEakoGAwh6dm2lQd0Iu6UGoisI6UuKP0qej9uDxpIXzrPH16aV0sTyfvBatMkcmiZ~7~KeXmPoxqPju~GeGTB0gq-m7Rh7KwTq9Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://www.ranchbundlebulk.com/c?x= gi Gyj1bhPnsy0x9Qp8WSuOdpuewZa5/qQR8EbnfEI=&c=lOddHsIV7D24TzoTT7pk9hnmKKQoZ3KzpyRYq2UQaN50HlV4xGOGy2xoQITgkEUzleV78YpmjhCEttW98C3fD4/8g9z50xYHlEnzUrx9wmA=&downloadAs=toon-boom-studio-8-4.5.exe&fallback_url=http://pf.benjaminstrahs.com/s/1466164958/en/6/.../61721-89225-toon-boom-studio.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1468245770&Signature=Z720bc1dJsKvDq3DCPXGvnXo1F~x6umn486N7hPg9F1ZyzU-pfzFEmclNtPMlZ3nCsU0lP~-fMaqGNBFdpWW~A20kp4brQV0EN3GQ3P~bctZYyrxbgSgug4BXix1vSn96iOlH0yvrCsBulpyuCQBZXG9mETMQm2t3AjRw-ERDgo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

temp:toon-boom-studio.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1465728099&Signature=Tobf~Pv83BS4hHuULJbRKstObaN2-LRFC2EgfTqgTeBAnXxATFx~66yhOS803oK~gIGAhncwVesbePRclV8v6O0I-xS4vQ3jkuJXjZHEJnwAqIUMSjiysUQTzSW4o1vFaI~TS9h6R8Uzm~ScTy7u78iDuyPoXMCRIn0OfSjXW1g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://www.appstowncity.com/c?x=Iv1KmM2zE0Xi7smhU/j3baeAcsoTR1c9NoAAKSzV8vs=&c=xJcBZvNIaGEfZkPqLe68gtaR/ZIuM3cukdqpNvO9SR4cq0jsbW Q14KK4gIrYg3MYUhEaSiKXj3/yifwq2ohUSg5HdrmInTjPRE5UadmIeUi3Kpa rme5VUD9L HD78bDo01fNYu7ccVhoWpbXCu35jTE9 AxeQccEzRtIkEhqiyn4auYwcFK9Ocp8YMujtm&e=0&downloadAs=toon-boom-studio-8-4.5.exe&fallback_url=http://pf.benjaminstrahs.com/s/1459667281/en/6/.../61721-89225-toon-boom-studio.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1464865169&Signature=LRuXhrOR5ZyZRY3KNOpRigFDHaTd~f~7akebgE8ZVy5FpkHXEi70LQy8nTnlX96~9U3m~S-Yw-0orEiZIz2N640pyt0OJqbyrXRD10PRAQuz~HkUTH9NFIRTiTh6UQbdJ9441ijRtdBNeC4wHmuIocsY3S0NxsFPwCGliWmPgcs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://www.heartcontenttowers.com/WVl6OTRQV1ZOZEVscFVtaHNlaVV5UmpORGMwdEtaSFoxVjJocmFUWXlOV1pxY0hod1N6bExXbmx1TVdKeWNqaExieVV6UkNaalBWZFlXa2RYZVNVeVJpVXlSbmh3VEVGS2VEWmxXVWs1WmxjM1NVeEtWM1pGVm5kd1lrMVVOVWxIV0dKMmRXMDFVSE54VXpWUE5UUlVhaVV5UW5CaUpUSkdSRlJqUVRsUGFGTjJSbmczTUhadVMwNTNjbWROYjNaVWRFUlFlRzUwV21OSldXUlRkV3dsTWtadU5EUkdabFEySlRKR2QzZERSa296UVdOaldVbE5XazFEYjJkNE9FVkdVVEF3VkhvNVQwcFpNVU4zTmtWbVJsbDVVR1p3WkZKQ1p5VXpSQ1V6UkNabFBUQW1aRzkzYm14dllXUkJjejEwYjI5dUxXSnZiMjB0YzNSMVpHbHZMVGd0TkM0MUxtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjQ1V6UVNVeVJpVXlSbkJtTG1KbGJtcGhiV2x1YzNSeVlXaHpMbU52YlNVeVJuTWxNa1l4TkRZME1ESTFOelkxSlRKR1pXNGxNa1kySlRKR01TVXlSall4TnpJeExUZzVNakkxTFhSdmIyNHRZbTl2YlMxemRIVmthVzh1WlhobA==

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1435831724&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=eorr9dKoUB7l9-kPHsNmSs2AruzG9t1f3ZP56Nh0m4947ENsPwCvZvl5qYsEMfaZ--RQPnQxrXiyyJjP5VJyEJ4Zs8u~kTpWgEzLoDYa5vcdD4XiJ-bUsMT~0tqCbKAqIG3fKmtnhOD8PgliN6GwPjGn8q7R60B8hqzLaAc8f8E_&filename=TBS50Trial-win.exe

http://gsf-cf.softonic.com/dbe/ee2/.../file?SD_used=0&channel=WEB&fdh=no&id_file=45694&instance=softonic_br&type=PROGRAM&Expires=1444815932&Signature=iVS2jjhw436H05NS5eHRJlEIcbY6fpEw04aEE0luuQwWlmuAhtPG4y3ycT~oLkymLcqxTNH5nsAFqqQPhZTyEW7iqL5uyoYvzz6-zsURBWkpw8KRXD8qI5bxlUYsTkKGUm27DjweBVZOseU4q9NBsSgbdKnQoN3BGeAuY411aBI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=TBS50Trial-win.exe

http://files.downloadnow.com/s/software/11/08/.../15/TBS50Trial-win.exe

Scan tbs50trial-win.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.