ashampoo cover studio.exe

XXVI-I sequor universe claudo

lacertus cuppedia inquis

The application ashampoo cover studio.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a setup program which is used to install the application. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from get.pyrorepo.com.

Publisher: lacertus cuppedia inquis
Product: XXVI-I sequor universe claudo
Description: ac mucro
Version: 96.37.7.76
MD5: 264402c0b09ad2b18a4e63b36af5507d
SHA-1: e0f3869c18f60b940cbd1071278d684269f9caff
SHA-256: e3aadcd916d66e0e4978ad92bfdca0e8f63521d94fe23d8aab1d260bffa17c2b
Scanner detections: 27 / 68
Status: Potentially unwanted
Explanation: Uses the Solimba installer to bundle adware offers.
Analysis date: 12/26/2024 2:03:36 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Bundler.Firseria.M | 844 |
| Agnitum Outpost | PUA.Solimba | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Firseria | 2014.08.07 |
| Avira AntiVirus | APPL/Firseria.Gen8 | 7.11.166.78 |
| avast! | Win32:PUP-gen [PUP] | 2014.9-141014 |
| AVG | Adware BundleApp_r | 2015.0.3322 |
| Baidu Antivirus | Adware.MSIL.Solimba | 4.0.3.141014 |
| Bitdefender | Application.Bundler.Firseria.M | 1.0.20.1435 |
| Comodo Security | Application.Win32.Firseria.MAP | 19134 |
| Dr.Web | Trojan.DownLoader11.24441 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Application.Bundler.Firseria.M | 8.14.10.14.09 |
| ESET NOD32 | MSIL/Solimba.AH potentially unwanted application | 7.0.302.0 |
| F-Secure | Application.Bundler.Firseria | 11.2014-14-10_3 |
| G Data | Application.Bundler.Firseria | 14.10.24 |
| IKARUS anti.virus | PUA.MSIL.Solimba | t3scan.1.7.5.0 |
| K7 AntiVirus | Unwanted-Program | 13.183.12998 |
| Kaspersky | not-a-virus:Downloader.Win32.Morstar | 15.0.0.494 |
| Malwarebytes | PUP.Optional.Firseria | v2014.10.14.09 |
| McAfee | Artemis!36E2119F1122 | 5600.6978 |
| MicroWorld eScan | Application.Bundler.Firseria.M | 15.0.0.861 |
| NANO AntiVirus | Trojan.Win32.DownLoader11.ddphbo | 0.28.2.61349 |
| Panda Antivirus | Adware/Firseria | 14.10.14.09 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.10.14.9 |
| Sophos | Solimba Installer | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V0806 | 7.2.287 |
| Vba32 AntiVirus | Downware.Morstar | 3.12.26.3 |
| VIPRE Antivirus | DownloadMR | 32078 |

File size: 532.2 KB (545,023 bytes)
Product version: 91.46.70.37
Copyright: Copyright revenio appropinquo
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\ashampoo cover studio.exe

File PE Metadata

Compilation timestamp: 10/1/2014 5:27:57 PM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 12.0
CTPH (ssdeep): 12288:OTii7YHE7H7yj/TAXHJ3Tsbbai/FkndfZeQB4vxqlWCc:OTii7YHE7e/TQDsb7kndfZxW8lO
Entry address: 0xDFDC
Entry point: E8, AC, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 08, 6E, 42, 00, E8, FE, 15, 00, 00, E8, 7D, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 3F, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 08, 65, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
Code size: 114 KB (116,736 bytes)

The file ashampoo cover studio.exe has been seen being distributed by the following URL.
