winmerge-2.12.4-setup.exe

WinMerge

http://winmerge.org

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
http://winmerge.org

Product:
WinMerge

Description:
WinMerge Installer

Version:
2.12.4

MD5:
21dcf095c7290818ce4b05c7dca66ded

SHA-1:
345e957fc483d5eba8d0e99010a9c24e588aeaa1

SHA-256:
155896d41247f4cb933d4b24bd67ee8fd02bf2268ca4db189dc8e56b88f263c4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/10/2018 1:12:47 PM UTC  (today)

File size:
3.1 MB (3,212,078 bytes)

Product version:
2.12.4

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\desktop tools\winmerge-2.12.4-setup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:uhntzBbF4KfhpwW76xE8qQE++aawPZj/xsR+G8QP3frNcH52:md1wW7iE8zEZwPZjJsRH8+2Z2

Entry address:
0x9A58

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 6E, 96, FF, FF, E8, 75, A8, FF, FF, E8, A0, CA, FF, FF, E8, E7, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 0B, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D4, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, AC, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 1F, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9976

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file winmerge-2.12.4-setup.exe has been discovered within the following program.

WinMerge 2.12.4  by Thingamahoochie Software
WinMerge is a free software tool for file comparison and merging text-like files. It is useful for determining what has changed between versions, and then merging changes between versions. Visual differencing and merging of text files.
WinMerge.org
4% remove it
 
Powered by Should I Remove It?

The file winmerge-2.12.4-setup.exe has been seen being distributed by the following 29 URLs.

http://gsf-cf.softonic.com/345/e95/.../file?SD_used=0&channel=WEB&fdh=no&id_file=8516&instance=softonic_fr&type=PROGRAM&Expires=1480629511&Signature=dJZMsh78SBO7TbtvRsxnpci71tpiqKMT-4uxr7Bgo3QL22umE-SC0-vhIv45d2O5DdD038R2IMvkcwrNqUIfGH~gA-ki-xX968gPzdsZmgYhnftu4JqK93KMdDur3mUI0jfW9mvruhEp9Fi9FKJCHrUBTEXq1Y25UNnR2JeIotc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinMerge-2.12.4-Setup.exe

http://gsf-cf.softonic.com/345/e95/.../file?SD_used=0&channel=WEB&fdh=no&id_file=8516&instance=softonic_en&type=PROGRAM&Expires=1450395482&Signature=e~kIlJ5defLMHdqKLwCIwMdLycF0NRRrxlHKhgsKFLqdrNaEnZQHN5cDE5S3MNrjqlzJDqjckAzaMT~VEum8UfbCOuAzXKDcmrmqq109DNxGKWJ~5KacGujll1Ypb5GN6D5544kMrxAGeVcRxfNxEgud442L2YvP7yc6kX3ryLI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinMerge-2.12.4-Setup.exe

http://gsf-cf.softonic.com/345/e95/.../file?SD_used=0&channel=WEB&fdh=no&id_file=8516&instance=softonic_en&type=PROGRAM&Expires=1477624846&Signature=cLIDUEkcoo1CK-G1Ptw4Fl0ebFKiALIDpZz0xsEfcZKfi7gOhL9N0ctBH0ht23Oz3yVf1sHLaFGmfgrgBQOLuizbCIi~5w8dF5Xp1VhSJ5GuDO8Mk21USpMmn80oqeCxKr6soo1j9o7Yb2qqZfHi68p6pyiR7XX~vrfiX3pqgwY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinMerge-2.12.4-Setup.exe

http://netix.dl.sourceforge.net/project/winmerge/stable/.../WinMerge-2.12.4-Setup.exe

http://gsf-cf.softonic.com/345/e95/.../file?SD_used=0&channel=WEB&fdh=no&id_file=8516&instance=softonic_it&type=PROGRAM&Expires=1471645806&Signature=Ar12BINOyWUoGs3vltyf-Ys~HCW5hsaR7cQqN56N2F39yoPofAjRVG22GQWIRlszZZQ0W~TuhBe3r4Ge2sKb0KzoBXAFjp4~p9x48Lhn1KF4yKJUHaKQlqJumSVJmFMot2B7EoHzs2Tq62fiKxxubBJHtt6aZE7EA~hi2pSzi3M_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinMerge-2.12.4-Setup.exe

https://download.bleepingcomputer.com/dl/d1a6e3447210bcf3c35e87d13f0c7a2c/57e6287e/windows/development/development-utilities/w/.../WinMerge-2.12.4-Setup.exe

http://superb-dca3.dl.sourceforge.net/project/winmerge/stable/.../WinMerge-2.12.4-Setup.exe

http://192.168.10.10:2910/grs/attachments/download/.../WinMerge-2.12.4-Setup.exe

Scan winmerge-2.12.4-setup.exe - Powered by Reason Core Security