» zattoo-4.0.5.exe
Overview
Analysis
File Details
Downloads (21)

zattoo-4.0.5.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from zattoo.en.softonic.com and multiple other hosts.

File name:

zattoo-4.0.5.exe

MD5:

818138f9be3cfe2800aa78e80ae703ef

SHA-1:

05606fe00ca7e4f3837d3987a4b4a3d029e3a00f

SHA-256:

c98667e13107d54e4438294b16d84565f9527ffd6310902f7dfeeff2af406079

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 12:44:40 PM UTC (today)

File size:

15.5 MB (16,303,111 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\temp\zattoo-4.0.5.exe

File PE Metadata

Compilation timestamp:

12/5/2009 11:50:52 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

393216:cMkfbXXzqp1/d9KihWwIhVBYeEbF3ZNP3IeuKqtpW9+4t3cJ:nkf61/d9/WwISf3nBuKqXQ+F

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file zattoo-4.0.5.exe has been seen being distributed by the following 21 URLs.

http://zattoo.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

https://zattoo.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

http://gsf-cf.softonic.com/056/06f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=63414&instance=softonic_en&type=PROGRAM&Expires=1480347250&Signature=PPTWkH9XPTMzhkrbMODVdtAt1p1viRw~o0srY96OMUFfSwxDnQZ~LHnHBy1jnP07qVVLUYflxLX4tLaCKA9XVjsFdrtA07FW569-fQs0MNcltIN0zqJvlr0c2WSIhA13cpybsmIBxtgTXEoq-Wi1M-7KjcKiB0r3uR3At51~BQQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Zattoo-4.0.5.exe

http://gsf-cf.softonic.com/056/06f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=63498&instance=softonic_it&type=PROGRAM&Expires=1477610069&Signature=F2q~DzNwKwVDYy01eHnKRc-kb3yAUhEskcWEcZcv4fZIOZdM4q~H1g8dWHtjKkq0tuNXIcI-UBbffFJOUhVW6XMxcCk4Xt5~bCsHtmF7V1POpjlI27wbA3kMViPAja6y0MRoA4br8jpaRQGa2OMbRkMWkH~R4lcRm6jsZUlDj0s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Zattoo-4.0.5.exe

https://zattoo.de.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

http://gsf-cf.softonic.com/056/06f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=63414&instance=softonic_fr&type=PROGRAM&Expires=1437895803&Signature=QERGNf8wW-tSAzrq0171uFPOvpbJooWs3RbozFSalUDDWjiPOVVGK8nDKwM2TtvQyC3R9YnKuB89fXUfB-fZRynsdOUDJeSPyySL~Qjr4I2wQoY9rPLImym6kAod5VOT8~AvpKgmtAbCNSDw5uHVcWs3HVmGHu9fe4PyteQMMQM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Zattoo-4.0.5.exe

http://dw.uptodown.com/dwn/JZAL4vYTY_QBScCuy1efX5BM7yfAC78WsbbO9_lcxlgyFEwqknOdEdj2FlI_t61Pld35tx4G2U0Dw6vSTL_svZHEbazwOhPnrMKP8HhhW_fgYAUbAVs7VGaZKivhBOR9/qFbmVLw1kigPraGc3beO50ac6EGpaK0eX0hIjDRGsXgEC6r7RjHi5LiBDNB3geys1ZEa91acRlmSdT73gKqV0de-Rmz8NnIsBa3wYFl3pe9unlxAGm8IqxhJso2G85CJ/.../

http://gsf-cf.softonic.com/056/06f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=63414&instance=softonic_en&type=PROGRAM&Expires=1441187898&Signature=QKQEd-CGrxTwMTtOOryMIpGqWJs-SfNZKDCvT-5yWFGUllOw~FDT~QmefOW5kgV7lrNculP-QS1PYgMf0bP5Wy8Pntu1xbmhstuj3mfUMRcldCO2oYIfA7mAkzpjBL4PChBhNP9JNuVY1TfOpK82wdzZVEiwR0oTRIGtJcvCeEs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Zattoo-4.0.5.exe

http://cdn.portalprogramas-download.com/d/.../Zattoo

http://zattoo.de.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

http://dw.uptodown.com/dwn/oQ2MeIx0XOsGxBq813skSsU_nqb1GekBwjIQv2kFdNZTtQCQFcnwTvb50tt2h7v3NO5nvGZX96QbxwgaDobLNd7v0c6eRVQJyqNqe7UhH9h3yNqKVxJaPj8gPsxJZaCR/qrtHWuFXZsy4ZpSaZJf6ZQySldhnWJG0Jc3I5sSzRqbbsUk49rx39BbevPnvIjSUZlklJzTRg9io6UCPxWNr6ATmRPfmtvinZ0OvkNqCx8k_HAwPzY-goyWQT2WowDdk/.../

http://dw.uptodown.com/dwn/USfCW7cf1Qj1uUu_xwj7OixfJ_tyccIGVo0UzQLlpe88_4pjnhlUNGQM9r4TocrIhM72va1xEGC3QFmguygVGc7ivd9inHG2Ja-b94Cq6XLtpV0fwvzP6HJfavqOahA_/eQVgjP1HV3uCYHkMgX14Uw21aTjUVB5uiuZSD4ZtEDZBK43cHwiCM-ZBGbRtiZykfCjXsH4ws5r4Rh0__ICYGuWBSQuWcnIa5ovru6A1fNwTcpwYjaYm5lKlDidYIy9l/.../

http://zattoo-windows.fr.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

http://dw.uptodown.com/dwn/gTl0ACD-SB7kB6WY7O9ZrLwdG7-6gBUEzMxE1s28zGfKW3BJKnuEdp9abvbhus9CmRuCmIhC75qs5TJdI745qg0UcFKXz7_lJCKG0EF7LxQdNzc3vms5tKqhfcMLVvJi/EMm3FYFVV3Tsgyveq2Xb4kmN6M_eXmVecglBypi6Cemt6lyXlQSfXzIUp-4w_ImN7xJCWiLanGWpcbjeId_sxZMAcv41F5fdK0vXud5Mqwu_m-scw5H6_r3_OcsvgpDc/.../

http://zattoo.fr.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

http://zattoo.softonic.it/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAOKkYzUiVWQorfMH2Ywb6QfUNX3mPdrjcTC9T1sSZMTvyr5Qx/RXPnykgAk3JoVIVv9/8iNIyO sQm1SlE PdC/.../y2E99ohtS4=

http://zattoo.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWvGBwIpOyJQHULsGkn/.../QsBnashWZBIuwGOt88c=

http://gsf-cf.softonic.com/056/06f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=63498&instance=softonic_it&type=PROGRAM&Expires=1455148625&Signature=el9YGhDxBVhZuMvRBw-vOnP-jukcV4BStdPYnu0DeUjQO9JC~JPGf9QQ8Dv93k9cAYUNJ6TpDKJwsrj0NwbMr8EcRZQQOJXKIg~4BZxRk5FBRuz4NUrVnVtUoil66dMWeM5FQM~qBzWRB1RH2QFvZ6tT0ZpBV2RQOb7ZYJAxKbk_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Zattoo-4.0.5.exe

http://gsf-cf.softonic.com/056/06f/.../file?SD_used=0&channel=WEB&fdh=no&id_file=63498&instance=softonic_it&type=PROGRAM&Expires=1451464184&Signature=VpZFXGSnyzM45p~Wdm4wQcmESF5sJjtCabYXj4Bhhz15aulfugCxO07QMrF~SXJvUMOY1~wxeBseNiGSq3m1XoJVZZ7jzwY0w9oIOb5rp2pfsqESTw14yuQjHgOGPona5gch6y~MqeVQZqUMrAVM0mFGdS288CmLKj8X9sqryMY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Zattoo-4.0.5.exe

http://dw.uptodown.com/dwn/iSV_yKjMKp1iRwC8AStMZ47XeGEsn-rCwY1SwCjqnSKVRBbsRvVnJIwDxH7QrCWzNH3cz3dtPtCT9wZ2XjSzBVKwMkLtOw_Q1So5igp-nYsTrlIQIzYLBqH1PeieaDTa/.../

http://download.zattoo.com/Zattoo-4.0.5.exe

Scan zattoo-4.0.5.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.