age of empires gold edition fu downloader__3687_i1920153334_il85901.exe

Smart Inst

GCM

The application age of empires gold edition fu downloader__3687_i1920153334_il85901.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The installer uses the InstallMonetizer platform, which will download and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from www.kafiridovishness.site.
Publisher:
GCM

Product:
Smart Inst

Description:
-----

Version:
88.150.53.176

MD5:
ce0aaf1c28bbbec954fcc62edb1d7a40

SHA-1:
d2148db35ded05b6aa8a46dad59b4269dbd57802

SHA-256:
9098c9a8d887cc590530c779c292345a563c5aa20998162ea9638499789b509c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
12/25/2024 4:37:37 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.InstallMonetizer.GCM.Meta (M) | 16.5.23.16

File size:
605.5 KB (620,032 bytes)

Product version:
88.150.53.176

Copyright:
CR 2015

Trademarks:
Pepcyc

Original file name:
build.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\age of empires gold edition fu downloader__3687_i1920153334_il85901.exe

File PE Metadata
Compilation timestamp:
5/23/2016 3:54:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:aDv/moLWaJLWIkI9Ag65IkQgfbtZ8AIhma6SLBGQewp:aDv/mKBIDiGtBjtZ8bFLVew

Entry address:
0x718D

Entry point:
E8, 21, 53, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 08, 18, 42, 00, FF, 15, 1C, B0, 41, 00, 85, C0, 75, 18, 56, E8, 80, 2C, 00, 00, 8B, F0, FF, 15, 18, B0, 41, 00, 50, E8, 30, 2C, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, C1, 83, 60, 04, 00, C7, 00, 4C, C4, 41, 00, C6, 40, 08, 00, C3, 8B, FF, 55, 8B, EC, 50, 31, C0, 89, D8, EB, 03, EB, 00, B8, 90, 90, EB, 03, B8, 83, F8, 58, 8B, C1, 8B, 4D, 08, C7, 00, 4C, C4, 41, 00, 8B, 09, 89, 48, 04, C6, 40, 08, 00...
 

Entropy:
7.2073

Code size:
101 KB (103,424 bytes)

The file age of empires gold edition fu downloader__3687_i1920153334_il85901.exe has been seen being distributed by the following URL.