home

adwcleanersetup.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from fun-pdf-creator.com.
MD5:
4772c4e584a9a8a8d6a00e3be17baeab

SHA-1:
29634e435564fcb3ef1852865a04d8167626381a

SHA-256:
f7c3e77d9a9f824813be22250137680712952be62f936426622093c29d47e428

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/24/2024 8:40:29 PM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Win32.Sprejy.a!1075357081
23.00.65.15416

File size:
1.3 MB (1,344,305 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\adwcleanersetup.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
24576:7ON6TbyHb5WDwmvVbMLZX8CTCbaiJPY2mViP+zYes3Ok4I58:7ONNHb08IV4SCmTZ+iPks+T

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, A6, 44, FF, 44, C8, 33, 26, 34, 83, 82, 14, 00, 9D, C5, 14, 00, 14, 00, 00, 00, 61, 64, 77, 63, 6C, 65, 61, 6E, 65, 72, 5F, 33, 2E, 33, 30, 32, 2E, 65, 78, 65, EC, FA, 7B, 3C, D3, FF, 1F, 3F, 0E, 6F, CC, 0C, 33, C3, 1C, D2, 9C, E5, 1C, 73, 9E, 0C, 73, 5E, 8E, 73, 16, 73, 2A, 09, A9, 96, E6, 54, 73, 9E, C3, CC, A4, 22, 92, 1C, 42, 51, 2A, 49, 21, 62, 0E, 21, 84, 50, 29, 64, 84, 54, CA, 92, B7, 43, 96, 5D, EB, F3, BD, AE, DF, 75, DD, AE, EB, 8F, EB, BF, EB, AF, EB, 79...
 
[+]

Entropy:
7.9998  (probably packed)

The file adwcleanersetup.exe has been seen being distributed by the following URL.

http://fun-pdf-creator.com/?dl=1&pi=ATA1NZM1Nz7wNw==&osos=VdluDrW3cw==&dr=cHaWck1PDH2j rVP mVyvExthXN3DKV0OSDzcj1QDyDphXAmD3vpDZ0m rcWIXim7dAWSVim7dREhKl0vmAWASDChTMm7dlChV8yAjCyNjMROTnm7K2pDZ1fAjgdOTC3OTnyAw==&pd=2323Um5wcHNGIKFCUmNJ i==&campaignId=9jn0AznyNzL0AZMq

Scan adwcleanersetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.