home

9a4d8ad0-2a8f-3de6-aca4-ed369b2e649b_1d1d9e0f366eb3a

Tolaracol

Gesuk

The file 9a4d8ad0-2a8f-3de6-aca4-ed369b2e649b_1d1d9e0f366eb3a, “Tolaracol Setup ” has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.bitsguardchuckle.com.
Publisher:
Gesuk

Product:
Tolaracol

Description:
Tolaracol Setup

MD5:
9274c3954fbe3d84d66466beb940361d

SHA-1:
dd0f75be5eb0c5ee32da9c2ce5fa998853523958

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
1/13/2025 12:34:56 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore (L)
16.7.16.23

File size:
941.2 KB (963,808 bytes)

Product version:
5.7

Copyright:
Stub

Common path:
C:\ProgramData\microsoft\microsoft antimalware\scans\filesstash\9a4d8ad0-2a8f-3de6-aca4-ed369b2e649b_1d1d9e0f366eb3a

The file 9a4d8ad0-2a8f-3de6-aca4-ed369b2e649b_1d1d9e0f366eb3a has been seen being distributed by the following URL.

http://www.bitsguardchuckle.com/c?x=hTwfJlkQjhviGjWPg1AosBTKcTehWV1s/k4yKEbWuZ8=&c=gzbzkSjnvocXkMU LRAewYl3ppqF1/YZ5lt4xi15qHce8nC/tyo2zQzbymncpCIHBcZfjV8ex4H7bLRPV6m0NDsy1KmUadw3A1efMXEiekphJNZq/gq8/l6hR8c9bN0d&downloadAs=TeamViewer_11056083_.exe&fallback_url=http://.../get.php?file=a4e12908&m3

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.