allmyapps.exe

Allmyapps

The application allmyapps.exe by Allmyapps has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
Allmyapps  (signed and verified)

MD5:
8a642aeb1accbbc7aee5d44f3eff60e3

SHA-1:
88fec3f4105647daf324d5f3d360c348b125a073

SHA-256:
d20ffe1bce2d97f075d8faf55a80f3b3b13a2d2c9244abb1002742b6c7583306

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/27/2024 12:00:36 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Allmyapps.J

Engine version:
14.2.21.19

File size:
6 MB (6,326,992 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\allmyapps.exe

Digital Signature
Signed by:

Authority:
The USERTRUST Network

Valid from:
12/6/2010 2:00:00 AM

Valid to:
12/6/2013 1:59:59 AM

Subject:
CN=Allmyapps, O=Allmyapps, STREET=22 23 quai du président carnot, L=Saint Cloud, S=Ile de France, PostalCode=92210, C=FR

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
009D380BB9DF58B350F1D85FDF834E5CBE

File PE Metadata
Compilation timestamp:
2/10/2010 3:09:37 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:0PlZkiTa072qsLkKi+Y8EFZNtpMnGUgtCcv:0PlZkiTa0Hf8EZNXMnlcv

Entry address:
0xA785

Entry point:
E8, E3, FE, FF, FF, 33, C0, 50, 50, 50, 50, E8, BE, 2B, 00, 00, C3, 56, 57, 8B, 7C, 24, 0C, 8B, F1, 8B, CF, 89, 3E, E8, F6, A7, FF, FF, 89, 46, 08, 89, 56, 0C, 8B, 87, 1C, 0C, 00, 00, 89, 46, 10, 5F, 8B, C6, 5E, C2, 04, 00, 8B, C1, 8B, 08, 8B, 50, 10, 3B, 91, 1C, 0C, 00, 00, 75, 0D, 6A, 00, FF, 70, 0C, FF, 70, 08, E8, D5, AC, FF, FF, C3, 55, 8B, EC, 83, EC, 1C, 56, 33, F6, 56, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 40, 22, 41, 00, 85, C0, 74, 21, 56, 56, 56, 8D, 45, E4, 50, FF, 15, 44, 22, 41, 00, 8D, 45, E4...
 

Entropy:
7.9891  (probably packed)

Code size:
66 KB (67,584 bytes)

The file allmyapps.exe has been seen being distributed by the following 7 URLs.

http://dw.uptodown.com/dwn/N-Wd4vKncIZvBR9F8jU3l4th3fUen9_UUU0XT1B3D-4R2Uy02yREbP6A1NTkJn5XalYi4SpPHMbjFSFAWppsCdKoGIQkWGc0WpCPmrYnA_DIzLi3xjW6AnRlPGXeQG-n/ilxoVM7YGZ06kP0j0o8DN2qlXO7gnuH1ML4jbZMiMnDmSenPR2tSVoY6utuTAwrnHz7FPB9vfnXexBD5YIbPKZugPci7JS7oy-uvIccUqUV_zaa0Ey7Pj5Ixey5Q2NDk/LT_LHom8FZ933F7XiarxobRWfWN64Bnc1QRs_ZQ317qk2JD7_1o8KsN__5qRMCyJ0PAb1z8bqTdkmEXznkugNQqBiXAlCAbqq0-Rxv-jMkw8XJWp-rEWm2uyl-7UVbcs/.../
