» adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe
Overview
Analysis
File Details
Downloads (4)

adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe

Ukra-2006 LLC

This is the Amonetize download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe by Ukra-2006 has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the TUGUU DomaIQ Setup installer. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

Ukra-2006 LLC (signed and verified)

Version:

1.1.8.22

MD5:

2b80b116a8ff3c759291db486e64c61e

SHA-1:

ae6d34979f460d89beb7f3515721b9bf6622a982

SHA-256:

8d4ee521e5a38696b3c14c682b229fd23fd04481ed0133ebf472d001fc7b6756

Scanner detections:

18 / 68

Status:

Adware

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/5/2024 2:57:38 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Amonetize

7.1.1

AhnLab V3 Security

PUP/Win32.Amonetize

2014.09.08

Avira AntiVirus

Adware/Amonetize.tzw

7.11.171.26

AVG

Generic_r

2015.0.3347

Baidu Antivirus

Adware.Win32.Amonetize

4.0.3.14918

Comodo Security

ApplicUnwnt

19446

Dr.Web

Adware.Downware.8379

9.0.1.0261

ESET NOD32

Win32/Amonetize.BN (variant)

8.10379

Fortinet FortiGate

Riskware/Amonetize

9/18/2014

Kaspersky

not-a-virus:AdWare.Win32.Amonetize

14.0.0.3230

Malwarebytes

PUP.Optional.Amonetize

v2014.09.18.11

McAfee

PUP-Amonetize

5600.7003

NANO AntiVirus

Riskware.Win32.Amonetize.delxsa

0.28.2.61942

Panda Antivirus

Trj/Genetic.gen

14.09.18.11

Qihoo 360 Security

Win32/Virus.Adware.84b

1.0.0.1015

Reason Heuristics

PUP.Installer.Ukra2006.?

14.9.18.23

Sophos

Amonetize

4.98

Zillya! Antivirus

Adware.Amonetize.Win32.922

2.0.0.1913

File size:

345.2 KB (353,488 bytes)

Product version:

1.1.8.22

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

TUGUU DomaIQ Setup

Language:

English (United States)

Common path:

C:\users\{user}\downloads\adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe

Digital Signature

Signed by:

Ukra-2006 LLC

Authority:

Thawte, Inc.

Valid from:

6/30/2014 9:00:00 PM

Valid to:

7/1/2015 8:59:59 PM

Subject:

CN=Ukra-2006 LLC, O=Ukra-2006 LLC, L=Kharkiv, S=Harkivska obl, C=UA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

2B3200D1AF3CAC4253C00F000EF4BAB9

File PE Metadata

Compilation timestamp:

8/27/2014 5:01:59 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:vmmFHjLBAD4wDJDXnbj2nENG3JKGbvNfJpiKeB2ash2q:zHBADRXv2VvNfJAKUoh2q

Entry address:

0xAE62

Entry point:

E8, 5E, 45, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 1C, 9D, 3B, 00, 00, 75, 18, E8, 54, 2D, 00, 00, 6A, 1E, E8, 9E, 2B, 00, 00, 68, FF, 00, 00, 00, E8, D6, F8, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 1C, 9D, 3B, 00, FF, 15, 14, 31, 3B, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5E, 39, 05, 20, 9D, 3B, 00, 74, 0D, 53, E8, 1D, 15, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 3A, 24, 00, 00, 89, 30, E8, 33, 24, 00, 00, 89... 
[+]

Code size:

69.5 KB (71,168 bytes)

The file adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe has been seen being distributed by the following 4 URLs.

http://www-squid.cluster11.fb-hosting-apps.com/download.php?version=1.1.8.22&campid=3039&instid[appname]=handbook of personality assessment_Downloader&instid[appsetupurl]=http://go.edgydownload.com/getfast/download.cgi?9&ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:11:51.430243 00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.edgydownload.com/d1/logo150x150.png&prefix=handbook of personality assessment&instid[thankyoupage]=http://download.edgydownload.com/.../thank_you.php?ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:11:51.430243 00:00&parameter=handbook of personality assessment&instid[interrupted]=http://download.edgydownload.com/.../interrupted.php?ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:11:51.430243 00:00&parameter=handbook of personality assessment&ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:11:51.430243 00:00

http://www-squid.cluster11.fb-hosting-apps.com/download.php?version=1.1.8.22&campid=3515&instid[appname]=honda nighthawk 650 repair manual_Downloader&instid[appsetupurl]=http://go.edgydownload.com/getfast/download.cgi?9&ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:59:44.778953 00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.edgydownload.com/d1/logo150x150.png&prefix=honda nighthawk 650 repair manual&instid[thankyoupage]=http://download.edgydownload.com/.../thank_you.php?ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:59:44.778953 00:00&parameter=honda nighthawk 650 repair manual&instid[interrupted]=http://download.edgydownload.com/.../interrupted.php?ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:59:44.778953 00:00&parameter=honda nighthawk 650 repair manual&ti1=1405000&ti2=0&ti3=DD1_2014-09-06T12:59:44.778953 00:00

http://www-squid.cluster11.fb-hosting-apps.com/download.php?version=1.1.8.22&campid=3038&instid[appname]=Rude Magic Mp3 Download Skull_Downloader&instid[appsetupurl]=http://go.venturedownload.com/getfast/download.cgi?9&ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15:29.267303 00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.venturedownload.com/d1/logo150x150.png&prefix=Rude Magic Mp3 Download Skull&instid[thankyoupage]=http://download.venturedownload.com/.../thank_you.php?ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15:29.267303 00:00&parameter=Rude Magic Mp3 Download Skull&instid[interrupted]=http://download.venturedownload.com/.../interrupted.php?ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15:29.267303 00:00&parameter=Rude Magic Mp3 Download Skull&ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15%

http://www-squid.cluster11.fb-hosting-apps.com/download.php?version=1.1.8.22&campid=3515&instid[appname]=Rude Magic Mp3 Download Skull_Downloader&instid[appsetupurl]=http://go.venturedownload.com/getfast/download.cgi?9&ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15:13.208881 00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.venturedownload.com/d1/logo150x150.png&prefix=Rude Magic Mp3 Download Skull&instid[thankyoupage]=http://download.venturedownload.com/.../thank_you.php?ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15:13.208881 00:00&parameter=Rude Magic Mp3 Download Skull&instid[interrupted]=http://download.venturedownload.com/.../interrupted.php?ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15:13.208881 00:00&parameter=Rude Magic Mp3 Download Skull&ti1=2170000&ti2=0&ti3=DD1_2014-09-06T10:15%

Remove adult online tv player 2010 v4 0 0 excelente sintonizador__3515_i1271436317_il2829435.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.