advanced-systemcare.exe

Setup Manager

QUALITY SCORE SL

The application advanced-systemcare.exe by QUALITY SCORE SL has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from audacity.205descargas.com and multiple other hosts.
Publisher:
K  (signed by QUALITY SCORE SL)

Product:
Setup Manager

Version:
2.7.12.383

MD5:
f8de55adf5a95c6b1cc7214fad941687

SHA-1:
2c6b241ffd88e1edf551cd83ed58d2db9b4deb62

SHA-256:
0f989116bbabb85c4d61806ed0b24773d53915f798bfb9879043380d18a8f2b2

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/5/2024 4:25:31 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Installer.QUALITYSCORESL.T

Engine version:
14.11.13.23

File size:
271.3 KB (277,816 bytes)

Product version:
2.7.12.383

Copyright:
Copyright © 2013-2014

Original file name:
i2Dyn.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\advanced-systemcare.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/1/2014 7:00:00 PM

Valid to:
1/2/2015 6:59:59 PM

Subject:
CN=QUALITY SCORE SL, O=QUALITY SCORE SL, STREET=CALLE SERRANO 213, L=MADRID, S=MADRID, PostalCode=28016, C=ES

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4AB0F061E1C305B4B31A8ACE3AEA2E01

File PE Metadata
Compilation timestamp:
11/11/2014 2:51:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:xgRs6/Lbkw+Md+yIEkoquQnlLnC/Al3+cdEli5HAQYGwa7VftJ4a:+G6/XdEyIEkoqu6lLnC/Al3+cdEli5Hf

Entry address:
0x3E9FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.1983

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
243 KB (248,832 bytes)

The file advanced-systemcare.exe has been seen being distributed by the following 50 URLs.
