atube-catcher_291328.exe

Unilogic Informática Ltda. - ME

This is part of the Installmatic installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application atube-catcher_291328.exe by Unilogic Informáticaa. - ME has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Installmatic Setup installer.
Publisher:
MultiInstall  (signed by Unilogic Informática Ltda. - ME)

Product:
MultiInstall

Version:
1.0.3.1

MD5:
85b6b343d3ae1bfc1f8e47d72e099da1

SHA-1:
c091726bbff3fd38eb10df47561a4745c4cc82a6

SHA-256:
25f25117486a32175849d896357f86c6e44e7a72ce2462c80120fd69c81664fa

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 1:57:25 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installmatic (M)
17.3.14.19

File size:
1.1 MB (1,172,064 bytes)

Product version:
1.0

Copyright:
MultiInstall

Trademarks:
MultiInstall

Original file name:
MultiInstall

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Installmatic Setup

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\downloads\atube-catcher_291328.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/23/2013 10:00:00 PM

Valid to:
1/24/2014 9:59:59 PM

Subject:
CN=Unilogic Informática Ltda. - ME, O=Unilogic Informática Ltda. - ME, STREET="Rua Formosa, 79 - CJ 103", L=São Bernardo do Campo, S=SP, PostalCode=09626-060, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FD8880A4A691E96F314BC15B8A648DEB

File PE Metadata
Compilation timestamp:
3/22/2013 7:11:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

Entry address:
0x13B4

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 98, C0, 4A, 00, A1, 8B, C0, 4A, 00, C1, E0, 02, A3, 8F, C0, 4A, 00, 52, 6A, 00, E8, 0F, 94, 0A, 00, 8B, D0, E8, 2E, 82, 08, 00, 5A, E8, 8C, 81, 08, 00, E8, 63, 82, 08, 00, 6A, 00, E8, 4C, 98, 08, 00, 59, 68, 34, C0, 4A, 00, 6A, 00, E8, E9, 93, 0A, 00, A3, 93, C0, 4A, 00, 6A, 00, E9, 43, FE, 08, 00, E9, 7A, 98, 08, 00, 33, C0, A0, 7D, C0, 4A, 00, C3, A1, 93, C0, 4A, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, B4, 00, 00, 00, 0B, C9...
 
[+]

Code size:
684 KB (700,416 bytes)

Remove atube-catcher_291328.exe - Powered by Reason Core Security