» winmail-reader-setup.exe
Overview
Analysis
File Details
Downloads (11)

winmail-reader-setup.exe

Winmail Reader

Kopf

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from winmail-reader.it.softonic.com and multiple other hosts.

File name:

Publisher:

Kopf

Product:

Winmail Reader

Description:

Winmail Reader Setup

MD5:

420c65ee1fc0355890f0929ccec43e87

SHA-1:

965e7e7d6ac9badfecc9bfbec579c9cb16856286

SHA-256:

8613fd9a29079424a89f95d5c94b6a96cbff00f2afdca9842c1a5b65c909db3a

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 4:25:15 AM UTC (today)

File size:

687 KB (703,479 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

File PE Metadata

Compilation timestamp:

6/20/1992 4:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:qna96qurSKk/9iKWljB6kjWvEsmjjYVb6OORWjWOG/sLUSwA0pyHKWNjHP+4vqV7:qnakqur9k1uFB6kKvEMN6vRW5tJEHWZE

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file winmail-reader-setup.exe has been seen being distributed by the following 11 URLs.

https://winmail-reader.it.softonic.com/download-tracker?th=1/.../16MIOzRwqccoV7ljLjczFPcOUOCpY GNCwaUZdsyFTUuUXK3DBQ pbH obYzYuw7diY071uNJNuOCoxMYLi7m03zTvn691PLDHadqHE=

http://www.ranchsendgift.com/n10xgzCJiyxga7kT XNfyoVobPamMuhI3x0 6BBOsia1Tf1y 7eexDfMeI6JfBkq462xJm5noFZgCYE5p97kuF2TCMRHrArjO8D6Gb3OcTtr0I6rAqfuDIMwTofuVLnYnN0_kakyxAD1n n3yAFy9cN3ERDK1Iwg0hNqy R7tb ZmpwJ15LYX0cs9OpUb26M8PXo3mAY9xzo8trWbT_zh61kNeV70g==-GzYAAMS2SeOkjrPCCdInVhQ45ID92yXRgCwIJnLgWVtwu2tM_LaV_mV4bCUv5tDoHNJOFG2cm4wP

http://www.towerbitscenter.com/dHHwBKxif4ytXo_Desqj6r0oOFSNf0atQtgMlk9266zYnPYFX nHg5UV5MJaHQNN1ZOBLgDHY5osLFyGhgpIi_c8qx0JAMW9hTrTPQ49p4KNkA5ppHSRQXnPuFLafm1Vtz9mX3kcQkhds7Ogku6h4i1KEu8_2NPdoMMUyJQoV2FKJhlEDQ1M2vv48VYFWc0e aBcitJ8AT_wr4eLuH7IUulcAl6nLg==-GzYAAMS2SeOkjrPCCdInVhQ45ID92yXRgCwIJnLgWVtwu2tM_LaV_mV4bCUv5tDoHNJOFG2cm4wP

http://www.packagehostdownload.com/lu_0ixGO0MxjmN68bhYkVrJFrqy_PxOg0sjdXv IBT35veP8uDjqqz1aBEfIEgFWjNrOWR09MQqvrjPh5hQhXU_rTUYKFf1wXEV3t_CTcbw7D5sdYk1n32jYWW8NUk_Xgfgwe_BnhG_6bEFtfa4uyDFrTgU3vsAh AXGNfJf58quRfMx7snJ2a vDDeQKBIRUgASMG01RuvZeQGJBy_bF99fJUAJbg==-GzYAAMS2SeOkjrPCCdInVhQ45ID92yXRgCwIJnLgWVtwu2tM_LaV_mV4bCUv5tDoHNJOFG2cm4wP

http://dat-reader.software.informer.com/.../

http://www.sistemafaemg.org.br/.../winmail-reader.exe

http://lnkr.us/get?sourceId=5&uid=50313x1031x&format=go&out=http://www.kopf.com.br/winmail/winmail-reader-setup.exe&ref=http://www.baixaki.com.br/.../dwnld75972.htm

http://files.downloadnow.com/s/software/12/48/85/.../winmail-reader-setup.exe

http://www.kopf.com.br/.../winmail-reader-setup.exe

http://software-files-a.cnet.com/s/software/12/48/85/.../winmail-reader-setup.exe

http://www.winmail-dat.com/winmail-reader-setup.exe

Scan winmail-reader-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.