archive.rar.exe

IT BANK DNA LLC

The application archive.rar.exe by IT BANK DNA has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install.
Publisher:
IT BANK DNA LLC  (signed and verified)

Version:
5.1.0.0

MD5:
5b9c7ca42a457e08406fa10b8d41951b

SHA-1:
54dc5c519ddc81868e583c8be425e405dc98c338

SHA-256:
775495d96ecc29970a48f755ca747b4beafd595a6ed2abc6d8172e673474af4d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 6:01:34 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Amonetize (M)

Engine version:
17.3.5.18

File size:
2.3 MB (2,381,744 bytes)

Product version:
5.1.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\программы\archive.rar.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/16/2016 3:00:00 AM

Valid to:
2/16/2017 2:59:59 AM

Subject:
CN=IT BANK DNA LLC, O=IT BANK DNA LLC, STREET=Mayakovskogo 68, L=Kiev, S=Kiev, PostalCode=02232, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
129C7B8674EC0156089832CA5A23E0F6

File PE Metadata
Compilation timestamp:
3/21/2016 4:10:05 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1245FB

Entry point:
B8, 84, C8, BB, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 4C, 31, 9A, F2, 2F, 82, 68, 13, 2E, 11, CA, CA, BA, 4A, BE, 79, BE, 78, 65, 40, BE, BD, AF, 4D, DD, 92, A7, 5E, 87, 86, BF, 32, B1, 97, DA, 5E, FD, 65, 91, 8A, D2, E4, 81, 21, 08, 35, 9D, FA, 33, E9, 30, 8A, 2F, 7D, FE, 11, 29, F0, 17, BD, 39, 14, A5, 49, 85, 1C, 96, 37, 3D, B6, 7E, DF, F5, BF, 04, 8C, 5C, 6B, FC, 11, A8, DE, A9, 59, D5, A5, 8C, 8D, 56, 3C, 95, 5E, 80...
 

Packer / compiler:
PECompact v2

Code size:
5.3 MB (5,592,576 bytes)
