home

ufasoft_sockschain_4.221.exe

MD5:
dee59911e09a935b76d9aef56eac9807

SHA-1:
3002864de87f6935e5f52b5d04bc5b9901e2eba7

SHA-256:
09efbfa7dd05f5f626cfe18d1e1e33df7e6154c408b375c0f984bd97184df185

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 5:06:00 AM UTC  (today)

Scan engine
Detection
Engine version

Quick Heal
(Suspicious) - DNAScan
5.15.14.00

Trend Micro House Call
Suspicious_GEN.F47V0422
7.2.121

File size:
477 KB (488,448 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ufasoft_sockschain_4.221.exe

File PE Metadata
Compilation timestamp:
4/22/2015 10:10:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:j1TkKz9sE2a9QiFQgH0vh4CgARSVdcKyb3:jbV2a+iFwhJRFKyb3

Entry address:
0x8FDB

Entry point:
E8, 7D, 37, 00, 00, E9, 94, FE, FF, FF, E9, 6A, 48, 00, 00, 55, 8B, EC, 56, FF, 75, 08, 8B, F1, E8, 0B, A4, FF, FF, C7, 06, 0C, A2, 44, 00, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, 83, EC, 0C, FF, 75, 08, E8, 79, 48, 00, 00, 59, 85, C0, 74, 06, 8B, E5, 5D, C2, 04, 00, 83, 65, F8, 00, 8D, 45, F4, 83, 65, FC, 00, 68, CC, D1, 46, 00, 50, C7, 45, F8, 14, A2, 44, 00, C7, 45, F4, 0C, A2, 44, 00, E8, 39, F7, FF, FF, CC, 55, 8B, EC, FF, 75, 0C, FF, 75, 08, E8, 7E, 48, 00, 00, 59, 59, 5D, C2, 08, 00, C7, 01, 28, A2...
 
[+]

Entropy:
6.4150

Code size:
287 KB (293,888 bytes)

The file ufasoft_sockschain_4.221.exe has been seen being distributed by the following 5 URLs.

http://lb.cdn.m6web.fr/d/c/a/21603c86e8cd782886cd85a507505257/58012f7d/soft/.../sockschain_4-221_en_66198.exe

http://lb.cdn.m6web.fr/d/c/a/8351b693cea44acecf48dc346f68b076/56a8f341/soft/.../ufasoft-common-lisp_4-37_en_192054.exe

http://lb.cdn.m6web.fr/d/c/a/e90c69b869cc604acfdef198e6a95280/56d570a5/soft/.../sockschain_4-221_en_66198.exe

http://lb.cdn.m6web.fr/d/c/a/b10f2838fddbf1a45f6e78ab2a2cebb7/567967b6/soft/.../ufasoft-common-lisp_4-37_en_192054.exe

http://ufasoft.com/.../ufasoft_coin_0.113.exe

Scan ufasoft_sockschain_4.221.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.