» trojankiller2103-setup.exe
Overview
Analysis
File Details
Downloads (14)

trojankiller2103-setup.exe

Trojan Killer

GridinSoft LLC

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

Publisher:

GridinSoft, Inc. (signed by GridinSoft LLC)

Product:

Trojan Killer

Description:

Trojan Killer Setup

Version:

2.1.0.3

MD5:

d5447416a7927da92d7888fc8c9e8d9d

SHA-1:

cc78bff78dab97ab5e7971cff9f1e90f92260048

SHA-256:

937c0f42ecc47c35da9e533387f09e2347f1017af4f80700039659722facdf03

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 2:37:15 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/1AntiVirus (variant)

8.9913

File size:

23.1 MB (24,227,600 bytes)

Product version:

2.1.0.3

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\trojankiller2103-setup.exe

Digital Signature

Signed by:

GridinSoft LLC

Authority:

VeriSign, Inc.

Valid from:

1/13/2011 12:00:00 AM

Valid to:

1/13/2012 11:59:59 PM

Subject:

CN=GridinSoft LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=GridinSoft LLC, L=Kiev, S=Kiev, C=UA

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3342F9C793FB9687D0852BFF37D40D9F

File PE Metadata

Compilation timestamp:

6/19/1992 11:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:L+7ql1SiTRxeDn5eK5GHYYAA+1P7k7iCnSwDVZEYT3E1b/hUESmJU1ecSXL8PIoe:LaqlL235GHY7LUicDVZEsU1IXS2Vw

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Entropy:

7.9999

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file trojankiller2103-setup.exe has been seen being distributed by the following 14 URLs.

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_br&type=PROGRAM&Expires=1480033674&Signature=aFE4VRAXOVtwlV4tZ9ZxZK9kkQqESG-24xWTxToBoAA7OHB1q4iawvTxY9IRvlJjR0N2j~3upJRZVxYCKLQ1MgDC2mptvvg6xsRM--hOq8-0t4lbLWhdRNQfOx~c~4hKmZ1u1s0R8sYRt14nRwy2YgJS7d2QKz8XKpZwiZ4vO4g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1432258151&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=eykz2ZTJbYda9Ewio9CLzFUJXOkAXwq~2U9yxejNRYDCbdFISOcs~G9mzy2Dn0iGMOAiSABVIKTU69FYDEBjmC0y3x-kbHbV5F4nAz9-QGVKJ2VVA7iC6u9-WLyXbwCOoLmx1~FPrjPetFIcXkj2lAu1-42fL5R52T~yB7EKXN4_&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_br&type=PROGRAM&Expires=1438070464&Signature=eOjNvG-oiu5c5RgDo5ncvfqgzo2E4mn2HtucU-zSYMvIXCIDXJjfbMfGlr-k9Ra3fhg3dOuQk2AuH7ghSHCAUoofYCGWXbFic-7iITYOCAnDQBBC7hB0XOqwyPuGRGCKCqq7p~JXixd-4IweEqxOjhmDItwGhT0YlJEwYRc2tkE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1478154716&Signature=KpEv8O-Nk6EvikPL3S4g19Uu0UNbgtOdxbVqWzRRptQj-qzTuf2lZVoovhPq6pB4Oge7zwxHiTM-2e7mAfbIZKFBjW50vpJBPLTvgnYD7rRfsyo0ElB~CfWt-8rSafMVC2STt1bWoIKvTt6Kkq4g-pOfeLFyJTZ9aN-GNy-O7ic_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1477188667&Signature=WTNpjaM6GQ-AqLFbFe1nGzpjJ0exTtXNwf4nVf5RAafNK5xU5Z~JOyLaGOcrb654pH-dmoMor2MDRNTJvWlTlcjWDjdJXQl945ND167YlHP4NF44mjLsEZxrokDAHCNeOvIk4WpgxzXtkRzAnfgZ5BO64UBQNg~GU8y9m3H76Ng_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_fr&type=PROGRAM&Expires=1446576760&Signature=ALRE6ApRdYOR1aAriMTtsk0VlTAX89cBUKvjSoXUNC42jE2wCONRoq-f80n17SxNYFljm4OtYi2fLB2IvhlLx7ZdWEinMREQn1B~WjzMzaUMTA4lWkyHGd05W-jPIwxsdHAFgnHGvRiuXrGTx7MA57JhWqReOyzUNFDhQmZAQ2Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1462289352&Signature=WlnoZMfkzSbXbOFQ4pZU2q5ciLEr1jm-McR1GwgXE6y7mzqi9TmsCAN8nGtSDi1hp~WqZx0d93Ph-CgYRNsfEN43hjiXmUEuCoP61Tfp0zNkaE8qbu0hdfuzoweP4klKcSqPkw7KR2PIDFxFQMz8ZHXm9mYL1eYjzBtk0Ucvrwc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_br&type=PROGRAM&Expires=1470599193&Signature=D4iTxk8PewL6BIY24K6ybHx5mMBaRqP~3Ks9BWQb~Y~X0vHl3LXr~7nbIhUCmejNS-a-n54cKlXy3XJgJnFjIvLstp-7Sx0JYClt9Q4CksuQhpRTmboQUHdQJw-IqXKJGgafe751LSe41ToO7fj2NE4AWu-8x77zcQgEBNPvxNE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_br&type=PROGRAM&Expires=1467721380&Signature=FvmfFVmLS~V-uo2JbxMxr8Z0wQKxeq-Ji6gAQw-RLaR~ACGDOsfih9Fu6t8lNuM2mtdwO-zgdJRGMfh76IpXesYR~CjWjv5TAAMgQYALEocQJc-NGfFyP4ZdBAtvp219gJn1fFtdKCknpEyoYs~mlA~HrDopv-twPYGkxIYn28w_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1457784900&Signature=bZAKuG0Q2Mro0qz4-9OfQkfrV0ZqW5jjwf0wbDislzHsQpeoKE94-5AKdS8SpLoOQzRQNzINzoDu~J1QeaqxhdHeGvCNz0ELAEobTmXpRAQ8u5q1guut9ofVHOi4MfQBveXdZUn0f-vl8Es5LGQSVBT7UDtU5UTRFWCS-mdS99Y_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_fr&type=PROGRAM&Expires=1444206280&Signature=B3-KTWYORGt0OmeuB-n5b1QxHWVzzyxEd37-Y3TsFqSEYu7G0S6R0yXUpvQsU09jouVYwkH9bfZw0PJqcXz~28FqiAix5eLXb-CFhDjE4uXXgsks0giGYSkJVXtPU4zYRZA23t8PQjv8BpNEKrE5T89ZgKyghHFhzlM~SdV4X3Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1445241658&Signature=FJqmNaEJPWDO0OicCb6u2N71DPVxBSwVQX0cqA4UKGRaPb-auC186PKrSx4-pQfXhAKIW4ze3ttmnaGW7BQpOMhlr8hTU0UZHGxSUlsApqVWBdq6GSVHz6puGeNTUsQiGS20kIL5rWNkw~DziDGtWI3naiQ8gPtvwUz5zDPdeAE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://gsf-cf.softonic.com/cc7/8bf/.../file?SD_used=0&channel=WEB&fdh=no&id_file=69238&instance=softonic_en&type=PROGRAM&Expires=1439687338&Signature=XDEE9v9zJbitInlDBjrY01q97ui6rt5OPipUB55vQTsdVAbrV0ochu5kpTVyFpg4BJCD~S6~EHs2TNCQHLHomr3IBs-2QvL1kJZ13bf0fjgSgAhdgvkaFv0iG7OjHssbV6stPaFOFzrKEE2boyDrkz6vr7HEvGbBnsbZVJuI8Ns_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=trojankiller2103-setup.exe

http://c353543.r43.cf2.rackcdn.com/trojankiller2103-setup.exe

Scan trojankiller2103-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.