acdsee.pro.8.1-270-ru-ru-x32.msi.exe

LLC

The application acdsee.pro.8.1-270-ru-ru-x32.msi.exe by LLC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from work-soft.net.
Publisher:
LLC   (signed and verified)

MD5:
bac00151c9c90a3a0dc42593cdb71125

SHA-1:
af97c7685f9fd2da107bd7c5a3b7da1d279ea8d8

SHA-256:
cd5494682b09e53e7e74eccfd3e7e1acb1e12f6e3cc67c7e28c92304bbe64001

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 2:27:22 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.Amonitize | 17.1.28.1

File size:
3 MB (3,195,352 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\acdsee.pro.8.1-270-ru-ru-x32.msi.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
4/10/2015 2:00:00 AM

Valid to:
4/10/2016 1:59:59 AM

Subject:
CN="LLC ""ATTOLLO-PROEKT""", O="LLC ""ATTOLLO-PROEKT""", STREET=Bud. 20 prospekt Georgiya Gongadze, L=Kyyiv, S=Kyyiv, PostalCode=04080, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0090B821653BEEE162DBCA86FD582F505F

File PE Metadata
Compilation timestamp:
7/27/2012 5:49:45 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

Entry address:
0x6D24

Entry point:
6A, 28, 68, 88, 70, 40, 00, E8, 90, 01, 00, 00, 33, FF, 57, FF, 15, 28, 70, 40, 00, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81, 39, 50, 45, 00, 00, 75, 12, 0F, B7, 41, 18, 3D, 0B, 01, 00, 00, 74, 1F, 3D, 0B, 02, 00, 00, 74, 05, 89, 7D, E4, EB, 27, 83, B9, 84, 00, 00, 00, 0E, 76, F2, 33, C0, 39, B9, F8, 00, 00, 00, EB, 0E, 83, 79, 74, 0E, 76, E2, 33, C0, 39, B9, E8, 00, 00, 00, 0F, 95, C0, 89, 45, E4, 89, 7D, FC, 6A, 01, FF, 15, 64, 70, 40, 00, 59, 83, 0D, E8, 46, 73, 00, FF, 83, 0D, EC, 46, 73, 00...

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
24 KB (24,576 bytes)

The file acdsee.pro.8.1-270-ru-ru-x32.msi.exe has been seen being distributed by the following URL.

http://work-soft.net/stop/stop/img/2.php?name=ACDSee.Pro.8.1-270-ru-RU-x32.msi&dfu=MTc0MzY=0ba0b12bfa493fd0e4d6c72bce38556a&sec_code=830de&size=71035904&url=http://work-soft.net/.../download.php?id=MTc0MzY=0ba0b12bfa493fd0e4d6c72bce38556a
