» ainjectr.exe
Overview
Analysis
File Details
Downloads (40)

ainjectr.exe

Android Injector

The application ainjectr.exe, “Android Injector Setup ” has been detected as a potentially unwanted program by 4 anti-malware scanners. The program is a setup application that uses the Inno Setup installer, however the file is not signed with an authenticode signature from a trusted source. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.

File name:

ainjectr.exe

Product:

Android Injector

Description:

Android Injector Setup

MD5:

6249fe7509f25e1490b75995531503d7

SHA-1:

452debe6e299f9cb9c85f997c556a1f2b1bce945

SHA-256:

9f2cbe5d6a149bd2df1da4e50230a1367439d038bb4c81c5d623753a51f23f70

Scanner detections:

4 / 68

Status:

Potentially unwanted

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

11/24/2024 10:12:47 AM UTC (today)

Scan engine

Detection

Engine version

AVG

OpenCandy

2015.0.3306

Dr.Web

Adware.OpenCandy.51

9.0.1.0303

ESET NOD32

Win32/OpenCandy

8.10492

NANO AntiVirus

Trojan.Win32.Toolbar.deinxo

0.28.2.62440

File size:

3.3 MB (3,426,333 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Common path:

C:\users\{user}\downloads\ainjectr.exe

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:1viIjhySSEVtTe6vzluPlhLtbt289AC1Tuwit1scWcRCwVnf+1eo0luLS5Vhb/At:NiMySSEfFzl0mGlkt1B1RFeCluihUcu

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file ainjectr.exe has been seen being distributed by the following 40 URLs.

http://fileshare1150.depositfiles.org/auth-14836327269f8a09d82eab84d63e5acd-186.80.72.13-81968508-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1484786628f1c8abce5bffa0b7faa4db-189.129.92.57-91968858-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1487622069bd7197eaa39030a4286983-186.77.198.145-116035789-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1480591379858f1dd09ac4afdc8e9dc1-186.118.233.188-52980402-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1479257879bf710ea59fcff223ec02b4-181.132.110.216-39906496-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14799326712279700f6e70ee5623ffd9-190.25.195.86-46719397-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-146431784232bddd19a5ed9e07ddee5a-179.7.173.12-2575366783-137735952-guest/.../ainjectr.exe

http://fileshare1170.depositfiles.org/auth-14553235606f2ad878b5070e6654b2a4-187.209.131.58-2467931059-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14652488784b6e5a0c32052153da44d3-186.176.16.151-2586053909-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14609199120a32a3bc62b740cbd0d8c3-181.121.68.5-2535930524-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1473896755c0c858d86d78b323ea1917-186.7.7.247-2682131659-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1475786477bf0c89eef631ea8f8227bb-201.141.123.130-4608171-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1478637513f33c3d0026251b9b9bf023-187.161.93.85-33799335-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14754751818285bae45d6e7f52d8491a-201.230.158.65-1391831-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1475950092ef42bc57954aee69bad4e9-187.190.166.9-6285268-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14763051270a3e75f21f1d871ec50390-181.211.90.181-9887628-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14714104905c5685984fa6749277bbd5-189.247.22.255-2653394488-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1466975892e2674a1dd089839e13bece-190.234.182.214-2605342087-137735952-guest/.../ainjectr.exe

http://fileshare1150.dfiles.eu/auth-1471381264aa74ff4a632ec6a9dea15a-83.42.33.249-2653104294-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14796081124f6ac5e75ffe5f03bbf411-190.236.207.201-43388973-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1477226658cd1349e73ff146101c3e4e-187.138.197.12-19024244-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1477951806ff291576f65acfb46be5ca-190.85.176.123-26784880-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1461418474e31a917f72ae2fb6587ed5-189.156.169.200-2541731397-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1473989943c8acf6cee949e6b921728b-148.101.175.169-2683043936-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-1471940590418b750c58df704fe7e7a3-190.205.181.93-2659540165-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14661827672bd41f3fd3f09799bcc678-190.62.6.92-2596447302-137735952-guest/.../ainjectr.exe

http://fileshare1170.depositfiles.org/auth-1452654348935dda39a23939eda19774-201.240.190.128-2430555068-137735952-guest/.../ainjectr.exe

http://fileshare1150.depositfiles.org/auth-14635120796e9a40f1088c3d02211fed-187.151.141.12-2566239187-137735952-guest/.../ainjectr.exe

http://fileshare1170.depositfiles.org/auth-145564832988482027c0a33cf5a7d3a8-186.134.162.149-2472459990-137735952-guest/.../ainjectr.exe

http://fileshare1170.dfiles.eu/auth-1457463203fdab42d3ba4635a02c825d-87.218.15.94-2492420823-137735952-guest/.../ainjectr.exe

Latest 30 of 40 download URLs

Remove ainjectr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.