appsteinsetup.exe

Montiera Technologies LTD

appsteinsetup.exe is part of the Montiera web browser toolbar monetization platform, which injects browser search and advertising within the user's web browser. The application, published by Montiera Technologies, has been detected as a potentially unwanted program by 11 anti-malware scanners. It is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file is typically installed with the program Appstein by Yontoo Technology, Inc., which is a potentially unwanted software program.
Publisher:
Montiera Technologies LTD  (signed and verified)

MD5:
58a98b0c5b5c01ec6c71b80a908e32a7

SHA-1:
c2bded5e4e0fcbc0c0b62a1ce34f5495703ccece

SHA-256:
56567435a8ecbe871f25cbde93d904b3fc492c7bcdb475c79ee4e0ee58f3803c

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 8:01:08 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | PUA.Downloader | 7.1.1
AVG | Montiera | 2016.0.3204
Baidu Antivirus | Hacktool.Win32.Montiera | 4.0.3.1529
Dr.Web | Trojan.DownLoader11.22262 | 9.0.1.040
IKARUS anti.virus | not-a-virus:Downloader.Montiera | t3scan.1.7.5.0
Kaspersky | not-a-virus:Downloader.Win32.Montiera | 14.0.0.2513
NANO AntiVirus | Trojan.Win32.DownLoader11.dcoupy | 0.28.2.61861
Qihoo 360 Security | Win32/Virus.Downloader.250 | 1.0.0.1015
Reason Heuristics | PUP.Installer.Montiera | 15.2.9.11
Vba32 AntiVirus | Downloader.Montiera | 3.12.26.3
VIPRE Antivirus | Montiera | 32698

File size:
833.9 KB (853,896 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\appstein\appsteinsetup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/22/2014 8:00:00 PM

Valid to:
7/23/2015 7:59:59 PM

Subject:
CN=Montiera Technologies LTD, O=Montiera Technologies LTD, STREET=Harbert Samuel 46, L=Tel Aviv, S=Gush Dan, PostalCode=6330303, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CCD3CD85F8C32F5C3FF9264E1A57C07D

File PE Metadata
Compilation timestamp:
7/25/2014 9:34:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:RrdVSGEnO5KfJcUSLDnL2PaKhEbOAt+1t8jJSBds70lG:RrdVSGE+gJ9Sz2iK2bOAIPtX9

Entry address:
0x12B48

Entry point:
E8, 73, 6A, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 10, B3, 42, 00, 00, 74, 05, E9, CF, 6A, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83...
 

Entropy:
7.8271  (probably packed)

Code size:
121.5 KB (124,416 bytes)

The file appsteinsetup.exe has been discovered within the following program.

Appstein by Yontoo Technology, Inc.
Appstein is an Internet toolbar/plugin (in Internet Explorer it runs as a BHO; in Chrome and Firefox it runs as an extension) that plugs into the user's default web browser and modifies a number of settings, such as taking control of the browser's search and home pages and new tab functionality, as well as DNS 'not found' redirection.
appstein.info/support
82% remove it
 