adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe

Ukra-2006 LLC

This is the Amonetize download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe by Ukra-2006 has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the TUGUU DomaIQ Setup installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install.
Publisher:
Ukra-2006 LLC  (signed and verified)

Version:
1.1.8.22

MD5:
2b80b116a8ff3c759291db486e64c61e

SHA-1:
ae6d34979f460d89beb7f3515721b9bf6622a982

SHA-256:
8d4ee521e5a38696b3c14c682b229fd23fd04481ed0133ebf472d001fc7b6756

Scanner detections:
18 / 68

Status:
Adware

Description:
This is also known as bundleware or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/5/2024 2:57:38 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Amonetize
7.1.1

AhnLab V3 Security
PUP/Win32.Amonetize
2014.09.08

Avira AntiVirus
Adware/Amonetize.tzw
7.11.171.26

AVG
Generic_r
2015.0.3347

Baidu Antivirus
Adware.Win32.Amonetize
4.0.3.14918

Comodo Security
ApplicUnwnt
19446

Dr.Web
Adware.Downware.8379
9.0.1.0261

ESET NOD32
Win32/Amonetize.BN (variant)
8.10379

Fortinet FortiGate
Riskware/Amonetize
9/18/2014

Kaspersky
not-a-virus:AdWare.Win32.Amonetize
14.0.0.3230

Malwarebytes
PUP.Optional.Amonetize
v2014.09.18.11

McAfee
PUP-Amonetize
5600.7003

NANO AntiVirus
Riskware.Win32.Amonetize.delxsa
0.28.2.61942

Panda Antivirus
Trj/Genetic.gen
14.09.18.11

Qihoo 360 Security
Win32/Virus.Adware.84b
1.0.0.1015

Reason Heuristics
PUP.Installer.Ukra2006.?
14.9.18.23

Sophos
Amonetize
4.98

Zillya! Antivirus
Adware.Amonetize.Win32.922
2.0.0.1913

File size:
345.2 KB (353,488 bytes)

Product version:
1.1.8.22

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
TUGUU DomaIQ Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
6/30/2014 9:00:00 PM

Valid to:
7/1/2015 8:59:59 PM

Subject:
CN=Ukra-2006 LLC, O=Ukra-2006 LLC, L=Kharkiv, S=Harkivska obl, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2B3200D1AF3CAC4253C00F000EF4BAB9

File PE Metadata
Compilation timestamp:
8/27/2014 5:01:59 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:vmmFHjLBAD4wDJDXnbj2nENG3JKGbvNfJpiKeB2ash2q:zHBADRXv2VvNfJAKUoh2q

Entry address:
0xAE62

Entry point:
E8, 5E, 45, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 1C, 9D, 3B, 00, 00, 75, 18, E8, 54, 2D, 00, 00, 6A, 1E, E8, 9E, 2B, 00, 00, 68, FF, 00, 00, 00, E8, D6, F8, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 1C, 9D, 3B, 00, FF, 15, 14, 31, 3B, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, 20, 9D, 3B, 00, 74, 0D, 53, E8, 1D, 15, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 3A, 24, 00, 00, 89, 30, E8, 33, 24, 00, 00, 89...
 

Code size:
69.5 KB (71,168 bytes)

The file adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe has been seen being distributed by the following 4 URLs.