» winoffsetup.exe
Overview
Analysis
File Details
Downloads (36)

winoffsetup.exe

AMP WinOFF

Alberto Martinez Perez

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.

File name:

winoffsetup.exe

Publisher:

Alberto Martinez Perez

Product:

AMP WinOFF

Description:

AMP WinOFF Setup

Version:

5.0.1.0

MD5:

83c1d6b13254c54c9d4b2a33cb2b1980

SHA-1:

9f487263216245b3d15f986d79531ab5c20c2198

SHA-256:

2891d5cd484791a8482865255333b8cf432a9d6dfb8705d724a825b85b64c891

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 10:20:02 AM UTC (today)

File size:

606.2 KB (620,720 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

English (United States)

Common path:

C:\Program Files\winoffsetup.exe

File PE Metadata

Compilation timestamp:

6/7/2009 3:11:54 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:VuuCQKFXZ5I/lb/TM+c2DUB+/+YXKowA/lZ6AkMXfLPqowbe9:VuzQK1GboP2DUB+WYXP/lZ6ApX7wi9

Entry address:

0x323C

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00... 
[+]

Entropy:

7.9473

Packer / compiler:

Nullsoft install system v2.x

Code size:

23 KB (23,552 bytes)

The file winoffsetup.exe has been seen being distributed by the following 36 URLs.

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1481933052&Signature=W5u1A2jjwQyFjUpqRH83D-EUfuO-kH9UXBtkFeuIRmof7rZYC-Srd3kuzFL4~A4AV4h~rNL8keKKVP2nedp8G82kc0F597KGm42AxmIPZWBE1Vxpc6Xwa3yATibNUELkWFxeCgZy3cHHn~HFLKuUjETnDZmzdmeVwvzReckrB08_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

https://amp-winoff.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAMn8VI9fo0LozyCbJq4G4RzXNuTw231kyydQ2CpJMzvqc2Wkleg1EiE53Bmq4Uim098yCGNfKNZAH9NkCqXJyyJ0DGDH6e HLq42792QzFcS57pVPmvR4xe/.../J7tFkQ=

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1456762522&Signature=EzqlCaaH1wcQG9Kp9VedtvABr4CPRyNQ92og3U8NCwJj6gGFNHOb5KyijRnw8Y7jqcPirvYtnvEBR7IpILprdZ1AYbRqi23NbqVm601f5MQB7QLdQSpD~NWiwkRfoUthcPi~8GXSCtcLJYoIX5314kptYXDuUiOiKC15KFwTbzw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1460035505&Signature=eIpTr8Bp0wWB5dfh58LWi4siGieaBmp6n9QWPvJZ8J5yfP8n5qUsilPBjFh9YNbUEQVJQgnvVJgOrgJoA9KAxKI3rOgxOBl4HB3WyDk7mGW2k1kEgBtypHPF3BXcvELpH6GCbFPtSbIB2~WoSmpLHLQi7q8ZR4SniBlnKEa2TCQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1480601537&Signature=f1ckbM3ZG3lsWDk~cpruCLhIRO03jBY00hX5ooCB15vUpybexOetYAqU2Iy93TU4HSkQnuG9c-KQ2v-TgPaptPyM5raU~u3In3qd54Aox-hd~9KxRS3wwnmpBaBlGSJsNMy9rJexGoptpuYJeWDadoFa0MY0sc-7YPxbYz5qDtk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1477302013&Signature=axaVCElbR4OQMTIdL6KCbsAhkhOAtDknekUl16iiKJ8j58cQWM5C3F1d3zDkJ7AfQcjXvSh7liNKC-V~fW32nJgZNVUfExatGRNIzv3EKZxbnUnyt2-EOGPffdCiN9SfppiOVQtAElRdqow263MeDaSMSr2GdgUwiGxW3yQwK4Q_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1426689228&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=Qz1iCnQ6MyYzMho4cX1OPIdU2cuMpGT~PUDwls-ZDn2TjXCU-9xtaQp8maea4fkJ1DuOxh3ihQeF7Xf7q4I9IBvz8zHTXqHN9guc2xPKCnoraylQiYETsEZPyL6h2N1o1GLrO9rHXLeDNtqeefTJOIQ3~WMulpxpxxQ4dB2Da6s_&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1424693703&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=BztEXl69MhopBW0n2~Mb6XL1hHifMxztPk7sOdoDPRIT~feECZvpKBpjt8buksu~Id8nBdmEoJ-Emu4LMcOSMEU9akwqBpiWQWx3ooJizCrHc-Sc~F2xB95LRTtr~S9yqC86Jj5IZYIOXGrYPgcUXGn8vcHPSvBOMDpgxgf6-dM_&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1478363750&Signature=g7FwMc4Z08Ho3j9YvhyWANmx~39LKjSYpmhgELmlM98DIDDdH-IJ1P1rDBlrsn6AvxOVAuV~QTrfsRYHF26sqalu6-xhf19jqJb8joclW53R9MtCeuq5gYQ2zZZ-Uc7Zu7WYXw0LNXrKQy32JV5lsfc29R9uWf2GcTESns6Fsj8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

https://www.dropbox.com/pri/.../WinOFFSetup.exe

http://www.lo4d.com/get-file/amp-winoff/.../

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1437412391&Signature=KKyvZjQDCkrJIUov97Y7JH-3dX5zok9JMhgyJ322sBBWGFPb7fKu2qllPwOhxPjD2xKTgF-oXeY98mymn-r5Y-LmPKkQNlpEKnkmy1BzWUaZimWLQGlGR~Oa6Bw8Pnk0VlgQuRhyYB7Pcruvw0xDiNPLhhs4EzA6dQ2NrMOadMo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1472260222&Signature=b~1QbopExCITWzEC~b~mVJ8qnf1KmBW1W9gNzemLPNACn7yb~3k7lBHOw9kaXShdt4chL2sNuwXddWNqjVDjV74bIl5p-z6EUnRpSabzyRgEV4HCByYUaOzy8AafQLEEU0ibMo-Yk65xJ9EyNqOyQbgUcbGVUfaDBJp06IDe-iE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1451609755&Signature=fVmAw-jY7mR9R0ZJ-nA8y2-fxCGzAxwVJUgVPbjfU1kh9seKQ-r2NCYAtL5IZmALxV3lm7bRoHmGaHuKxKfJXNMEf-fzzQP6RezcHBRvUU86qEXYmEbD~KhFl~-E1HeVgFwWRcMQR4TUc~FMtDmaioVd00luF2PgetpTIcwIgZQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1479574106&Signature=WGi0Zu3sRvACPgUogEXrlkGyLzrT8uhNhHZRpH7Rfj-BSsCjwMblebBwnWZptgl~pJ5qtxxQPnhe294DfVVz3v--r93T29xDA3TcrzAmDpmr8wG5HtUCv0vn-LqnQsjHGv5rMFA3ws-OuHCaq0PwWlwpIvqv8bdFJtulZewUbTU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1436612032&Signature=EXOV5twMf9cTsvwIzAkUjjMNV-3O5J1ntiAAXsNmtdGMCVSmt3LhReRC9t7KuPS~UNGJzB9y4eWcPA1xyBTo~h3DtFXb0tqPvMMy2YZxlHsaRTsphwHZlj9wNL34Btl68INWXqh9DbacIGDoCwif3MowWnQpfjt0ByXVjjmNpwY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1469299779&Signature=AORKWFQi6TYYUMFP6tOUQgzWVk9qT4llV1P5l61vZELvD0jGVsNDCDwLYuwmsPSDqqsW3mPvLPl3VsolHwoLKbn1~LEiM7lKtKgSR3tPCnITqDQxKJCE9KILAWap42youfJxuXfHFR1mOmTs5uF0uuEr96JVnOghWf5srWD~o50_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://dw.uptodown.com/dwn/mg5vNIO6pcbz-lKSp3FdTyDPPgd7nEy4QvOoNIxVBUoOsC3GSq63KpzizsGEXfVaggXbPACHaknbXApNEVjhwYOdnBgsfvga0sj8Nlf9c9lzKLJVxtjH1VMhdqCC5VYw/rSHXh5pHLAiRwGVPY9wgn9aLDCCHMx8zWoOnLdch_HZCW6F4yuS8bg8E1qAEXDhvCuyNSS4-FacZ49pVBQJu7cCEzJ1VIy6guMhBlLBxPgHBLOPLQzJHvCHvjqc28vGR/OzHUYRBk0j3mQbU4seeWR1n-ZJxUD0MAC7cU3hQ2gsmoHne5JwEMKxgsF18pKPfdY7neU2b3S0qeq-ZgIKvV00zBgqigjdH7D6BR6wky-9B1fpnfJf9VqwnWIAVSn2bc/.../

http://amp-winoff.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWuZIFnoHcEI7f5JH/.../0jDIVho0YeZvm0D3WforR36GaFMmeTTeB0Ps4=

http://download1648.mediafire.com/vuh7ohtc070g/.../WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1431444238&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=IbO6EHnZkdtwFQlUCeOVGOcK~vrkHIVz-Ng~52fgogqxwghKjWr0BxH5LeCp30SgQ8fP-p-vZRksnH5a3LsbPsJ8johdKkBY5L3Qrxncu4aV3eW67cjLKdAZy3LVmiZTcVLQ19EMYT1LbiEw~8audIJJabRCHj8f-46X2naKe8M_&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_en&type=PROGRAM&Expires=1476222788&Signature=d5rk8fW4Aetit4ArY7p9r~aiFU0EZoXg50pCIW3UUzHZ12IaBWYbyMrrwUQzFc8q4RNyo8sgPrpnnxVB6E3eb8THdH1oOl6Om7R5fmCZty2k7sYGcfM5qp3YbNcXAUN4KFfEvJ3rOvM-G1wpPvZetBhqg2smNgFYthXXvmntq4I_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1479451173&Signature=KhSKsFVLlIocYMh5vuC~bIesSPuCusTHs0hhp4Gb298gsok-leRwJxo8fGEsMHK~1r6GItZ5-84C0Nq8yXRjHy1xUibzB8MqYGrsB0BXCiBSecRP08JxAcAmM6mSNBZsI3hl3BZen0FQxl-jKpVyEiEYFH3LVvG3FjldUPcNkT8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1430401560&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=MHNl5HXDglsYNFF3HtJfVqw1AdIZ8hT2QUfJrxSNzeQeue9oDI~p0my~zq5uhW3vRSNr-T1rJmSZaCboJsMgydVjHy4zNduYScFY05Yq3c1YvsbZJHjQlclO6M3xS~Yby1rVAWMGKplL4ckcUhzO1JPiW1OHVXqBIxb08FOMFIU_&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1446528742&Signature=XB7TllMGI34AuDsNmXwyDRvktJXs~Rupp0CeNoIAiiqQFJHCUo6XHtNNZG4kVwAOrRZz104RT7k3T2xUF~j12o0sxuwggfRSQO86uyBXB5urlKLwKb6QGDWbqIa6rM2T2NutqfJ8~bWweKzvj5Nx0y64h3Js1~5F0pUUXAISiI8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://download2128.mediafire.com/5iq5j5qgk2ig/.../WinOFFSetup.exe

http://files.downloadnow.com/s/software/11/64/12/.../WinOFFSetup.exe

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-ja69bUxCJ9EFD0neLLNqQ-HQObZNSO0RncKXYHAAm7KRNh_BdnNiNsgf7811uxyX/messages/@.id==AB2C8QoAAB7CVt76RQlWoPpE1HA/content/parts/@.id==2/raw?appid=YahooMailNeo&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBZRcfTFx9ekGp9E3fhiwxU9BmBxuc2UTjmHlmQVvjcwMQ&error=https://mg.mail.yahoo.com/.../iframemsg?id=8b3f4d35-62b0-8014-bef5-a01e5236c8d7&ymreqid=ee97fb61-4a11-4eca-01aa-b1000b010000

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1457235125&Signature=N-DVwLubBlFizNHysoUp9kg2FhQuINxVRSux0ZtQGiYHVVbyyoyQT70P8PcdvsQon4l0fucsHbeAjIsZOd6rxP~CmlZdFxmXJ3Ap7mX00ft88jvGnIiPgqjuqFwlGO6myWVd7NZxmIuCSN0Wq0e4Hseiv7~1SafkX7G4okPz45o_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=WinOFFSetup.exe

http://gsf-cf.softonic.com/9f4/872/.../file?SD_used=0&channel=WEB&fdh=no&id_file=16263&instance=softonic_es&type=PROGRAM&Expires=1427294599&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=CjzO9trFc7hzdQ79CcyijHdvh1rNAXb5BAugGaa-5AhQgd4pnPGoVmiJ6GkarSoEFjylYQnsw0~khvXer5ddO6gTwepL1QUEhmqyr8I~xqhBIGPiHa~IWf~Z2yL0wuOmRLBLzPJLhNfLIGk4YuhS7yNEBXvM3csoP3wpob6YrD8_&filename=WinOFFSetup.exe

Latest 30 of 36 download URLs

Scan winoffsetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.