atube_catcher.exe

aTube Catcher

DS NET CORP SA DE CV

The application atube_catcher.exe, “aTube Catcher Setup ” by DS NET CORP SA DE CV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from atube-catcher.dsnetwb.com and multiple other hosts.
Publisher:
DsNET Corp   (signed by DS NET CORP SA DE CV)

Product:
aTube Catcher

Description:
aTube Catcher Setup

MD5:
ff37fda6128baa123aa974c9f1fd3cea

SHA-1:
8e8b0080736281b25dfc267817c81164d35740cf

SHA-256:
3b03fae6bc278da261daabf11e5c52bdfd8762b87fdd68933abadfa8f09c5589

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 7:29:28 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Atube.Optional.Installer.Meta (M)
16.2.11.0

File size:
16 MB (16,806,776 bytes)

Product version:
3.8

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\atube_catcher.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/9/2014 8:00:00 PM

Valid to:
7/10/2015 7:59:59 PM

Subject:
CN=DS NET CORP SA DE CV, O=DS NET CORP SA DE CV, L=BENITO JUAREZ, S=DISTRITOP FEDERAL, C=MX

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
159B1F7449919B3EBF8FF194D5D7C038

File PE Metadata
Compilation timestamp:
10/13/2013 4:19:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:oyNi/bZJPAgOA/gqRd6gh7VN6HJXrLHbC6tc2d1vcFXBOt6sNpaI3:ooi/bZJPFOiz6H9H7xTL0q/naI3

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Entropy:
7.9990

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file atube_catcher.exe has been seen being distributed by the following 50 URLs.

http://atube-catcher.dsnetwb.com/get_latest

http://dw4.uptodown.com/dl/1409707857/.../atube-catcher-3-8-7973-multi-win.exe

http://gerenciador.nzs.com.br/nocache/programas/urls/iron/.../atube-catcher-35-12-4102792.exe

https://dw.uptodown.com/dwn/Piu3Zb8rNvS-URS_5utHlp2tfi-1YMtyKoUSlcShm-UeyJ7PvZPIGMxD2qCtKDOxXY9OwUx9OyxiBFg61SAOFl2vSxfIk1565v9Zw837wp8KzjNLrSyQk0AnaLEjD9kq/erSNY2QYDl6SjQsTGBB8v-FMAYpR_zBmZU7YtVlbT4lVO0HSaFdX5siJpaLmXaAhegmBMPTioXZlpwsVNG15OBEDx4wCYCuC0vgG03TCy-cRqYTVnRKIW3PgReMNN0za/Zb-1zrj3r81YEdGipk8H_XedjHSzrN5LYVyjoR_fl7EiAe6CfR33ikJ812dhz2iz9Ody6A7KYDO_b2SfoL-c7gt8402fEaZ78LuOVxrMzvKWB9t9VeJiGhYjIy2x1SP3/.../

https://dw.uptodown.com/dwn/o8hWd51RzkkTCV81t4xxyINYMPATauz3HvXVfG_9ikEEb_nrc909BdG_kxXC9QCqHp8Cauj-xF-ZvBjImJmbNV2qEtTiSzH0uJaer2ZgQqx49QoMARMyD7Tj297DX2Gy/bXHfeSvljFoflyfty6FZMqpcCuUaQFHtc5fJTTj-ovlEQtR79_63mDLlVLzxdWLtlwCcqUgYQ-hfgYBeAlC6MKm0e_eJWv7ojeHy7Ih7_S6U1xU6VT46GIgv9k-WdT9L/1b8o5MzVK12iiKYPQAuQbyKq1wzCA6JrgP_UYCDtlXhUe6WdAUbYppcrvWUmQy76GYR23TfrVC4pfNgBKm_QX906Hyk5TsV8JmFIlL0x4C0UfU-X-WwGiwmDqB7nkwMQ/.../

https://dw.uptodown.com/dwn/J6vsYkztJOd9GbpHnliL8octGKaj7gYR68uBdwlUNw_DMYw26dYWs2rfExtlKNaxBEYe9H6mKqoFVIDRz_ELNZYFCTf9R6QJFivkYLIi1SsK0_N6H2THU9homkDdSJ5s/wDjV8qpHZqH5hy4h7xgSq2pTXwGRIVjn6aIEmW1aEUCqpAM0NddhU-ybkK1-eYCFnfT2TdLlRFWkypY2k-5ELjZ1LLgmPZbKwSN2zrTtXk3y65u3FGMWJ8YnC-aE5XJa/0rkVfIOXzDSbMdQrFh06sixeEriOHQNgrj_CmwM8e9L34f5npUWGKGQOqpmCv1x-uPBybRlaScH-sH9zrJnXUG4iFq2s7ReVlYN6KIvN3QrujiTcmrkZB7XJdQoaWDGa/.../

http://dw.uptodown.com/dwn/SOk_dLJmPdt2BVPKmZa50DmS1XrxTgPATXWP9YFEJsc7r8B_P8q2QMPCUG2HvDfsAbpW6mb9n10LnRcLtbPNRrPdfw-06QLlUQmc41NOetpMTeKRM1LP10_N_GPsyGtf/O2TkKUdX8ydAH2WUxCMgBhdmeTrl9XwRj__w8sHopp_hgC1EIhRI4Cz7dMTc9pstZ_Euxg1HaSpStpJcl-n2LW9ELopJsy0xftTVhRKSbyR4Z2QEXhIsbkeftNR6C4S8/.../

https://dw.uptodown.com/dwn/2gIaaVGIagfddMld11-RHI4uqYux5VvxCJu6OxTQ7wM5biDdzJZ3GHiEf4tFGwwS127Ox63rH8X9vosgE9bTU3SIoDj0eG83mvk-Tf49xD32mZA5Wj3k2W3kt8B9Drmg/ifl9mwfb6aa1K94wLb6ncBIQJ38yvA8WsUT3Eq7Ywh5IPfqepUHSCbFZjflO8I4z6VUBUs-HC_9Vcq9_pgstOpJvcF9M370LPzlV2uU2-RfFc3XOY9IVinrQxClZqXSF/rU4ugFHIFOBE-498ZnWN4ynzUNW9R9IGR1-S8kIYJ875oRH7JDuZrJ4IkRlYMzw7TcyD45AY6uTH8ksvUQniFqxpkpPPMBsXV5Ph7Z9GJ6xxcjp3Un3eK4KVncAfXXI7/.../

https://dw.uptodown.com/dwn/MSb0SK_fdj7PjgLRkj1hyVFihdLLcCE1KyzJ-RLiJLO1GOrUvREL6bTBWu774ABa3L-dvBa4aL8TeU3IlZCCYT7oAMltLydDEQq1jYfPNI7nfOyNEA9hccZs40NhNW7u/T6B_UXBv8tcnnOmjIxILDAg9er6x551nbAqZlSce4AIpN30nGS75BpD85OtRp1_m7_Af8HgspKAp48iZ_R__rf45vMK7nE7IcP81WyfFw990Knz4D-4zSE_LyW8SN4gK/_s7TX7W5rhKJXeWkMDb0rJbGfRSuj7eYPNmISz_YD483Ou5iT0bzSsD93h1xk3UtvS2SRpteKx8DFYcjCrHf5Fk1MVJT6VBB_Yg6UwN8SBtuobr7GylM5kZURQv5ztxv/.../

http://bmail.uol.com.br/attachment?msg_id=NzQ0MQ&ctype=aTube_Catcher.exe&disposition=attachment&content_id=<56b4cc51c67e5_c8a15c79b8593c85094b@a4-winter10.mail>&folder=DRAFT&attsize=23156004&content_id=<56b4cc51c67e5_c8a15c79b8593c85094b@a4-winter10.mail>&accountId=0

http://dw3.uptodown.com/dw/1406564417/.../atube-catcher-3-8-7973-multi-win.exe

http://dw7.uptodown.com/dl/1408537487/.../atube-catcher-3-8-7973-multi-win.exe

https://dw.uptodown.com/dwn/TqAeOG2NCFsfgvluKel106AmNjFR7-M9VB-VsglmebbhLlZ3DbB6CUaXFN4VoEFu20Jt0VMbz2a_erGFso776bZDu2ol6bGIEljKFDLy8PilLBLg7UV9WUZ7FPxPrjSw/DnwN9SSUXsbGirqWfc78JJHY3eKVN0OVXoKzFPCGxchomvIx9zcW5y0ig4UBGE29SKKOMmlHdug9lZ_AC8rKR9ZY2V-KJjU6MPqlMlSwrWbKdYvV-uJGyi2N3EhxPWFV/SStgqyEULMDZMxMFmOz2c_4d77ExhEycsipN0ZTfyKadwTxU5MRi6UWnvR370KTc5w5kO2_nwm-70UBlB1y8myuhzfLXr5QwIsvvmQxAN8YZb3A41smVc7VQ8xCfzeKQ/.../

http://dw.uptodown.com/dwn/TLanF_5CIrL3NbX9HkdT1qA8GjhUyXN8Y9sYPfem946Xte94PH1ncj2IWqnahkA2pTPBavdm5wFzfgSyY3-GAYhzLmtEOhYJ4xT8L3fx7A4Ngwhl6HQn4G4K2-4qyh-D/oHuJj8s4_fPFXi0eM5HGDzFN-5xFaQx6Lv7X4qFy3UVTj6qUXte6cg5ihxNMHlbChj5f3JgE1Ze9DSUibcY41Et7sncrnzZQBIqQKv819zEyxom1nSSuGZ4DLKSnK3YI/.../

https://dw.uptodown.com/dwn/5X5S_IsL1uJUaIQCTtvJ5h1FVkver-KhRK36Nm2WruAlQS7f5YudmemjynDw5_AcHsLh0kgtKa6bxoGtYDB0mtYLoPGFJTHmkGJL0hu0x97tHMDxSlWImx2is2pSCNoy/i7JFIoWpyr_es5Pj-8P8TyCuB1wF2nhiBTzA0und1jp9M212do3BhaYrG-KD01frrA8XE9SXaXDwd_SRCB_O4NrhSX2-cJj7GrxgMg6KPYuNzlcP_tMzon5PmTbF5E2i/Oa6woKafzWXhE6tbRe_0aYJt4exM1rFSFdvHIMPOBq0Bpnfxiv7RNEXXfjIGJ3FGbiNAtywSD7VpbIGfIysIs9_O7pGRZ7OzO4uGDS0AwmjBXR8Qtqwe-9ZinfQMe6nZ/.../

http://dw6.uptodown.com/dl/1411529254/.../atube-catcher-3-8-7973-multi-win.exe

https://dw.uptodown.com/dwn/GNVHyOevkSOT38s-GyCcD-QXwqYcmkl9xxIV06qx2BUljwtFZpjkkLw9OCskx1gzSRSCN3YdDy9C9QFQPqUvEjY8r7aF33kU8QawtNCVSWMTuHG1gvCr6umgZFrC829m/8wh5xWdDy5o8rKe876BMsgEVHCrCdFUygOf_Zyb3z2AwwQaTu6yAEXuNW5itFto1v-_URJXLNtcHu_T_03G0V_27oFZyIA87nH8F2Q9Nz_WvFOKM7Z_5gllk3Ur29hO0/Z8j3ZG8cfgQrPE2vkS4xf1jDGzIsvBhon60y7A6mVmwRRyQ0oEOjRUXGskAdNFHpQNYKmNY_p55wO-AM7skELquji2jcEXOtgBNwHc26VFLhxQnJHOECx9rtWTl5ofIT/.../

https://dw.uptodown.com/dwn/-ZVI7jDsNTUNkgGzTLXIaEbhdVhl0jBY5HmFiXphvkD_et27ctZeowlibPfzFAkya70hl-epd1Uwhk1ozcQIZvnw-FBLBzkqpI5x8U2dYwoaZgS9dbnLvNdyUco3tsNo/Ct4XdS62M6ngyzWiRmkQOxPjpMyzTgnD5OrKFnWWKS_bBtB0EQQ5oUdBdixOah2Z2Cq-220gr07-IfHw9NzgN9UbX_J5TXt0wBLVl5lMWt-3jyAB14MHzPLPTESm9_9U/WezVwG6ZgtMNsB6EI1EXvmZkRdXPNYvu92t-AI0x8gTCs4zgS0Mqp3z3zrTEa4JSSEoZeVljht5RQzHTIvAs3L1IUj5MQL4pnzYuzfcwPy7KEOIa9aUOBvzzjeyHubqK/.../

http://dw.uptodown.com/dwn/qFicYjDnM8k8uWXDXSl7bZ8atkde77aCdeCH7BulEp-10yNeIz8HzfXGL-YKhWynekgrk-oou7b4e1MyrZqWVnSEE_9uyNSAIEj6X1AbvDVjEQ7tbxDl4jiygxEDMqdC/5Kd-BwsyrBfs1OUleiEPs4L4i0ahUrntkx3iWvaULLmIXUeQQEQMtNvpR1FSrpVR93Ngp-yfKXePS-5rKdGWMJfQpPCQIXbNQVQ-40JeC51nBdcoGzuAv0-SGMgZF2Hf/.../

https://dw.uptodown.com/dwn/wN7mvxhzh4bh1ZgoakYaDZDqZVohNXnz9-PQ8lfbdhzVl6g2NJk5rXvRY3mQV8J1nU2hUn1QkMLVV1p86cX4yY9xfUHKuJKLisE_7bl8t_nSoZoc2h3fT7aJNkkqyOT6/fbaRkpLNXgxOWgn0wFfu_5b3rgZnkPQ3ctNbRSYePqH-E4Q4FX3gpWXEeRA3JaNJhUDEVrxp9RFtaMZ7YuMvHBjLsNjvEYvMf7AbXleqeeh-odErhxSiG1j5Y-MRKONy/5-p2ixeD6tUydumGCfcEQXXEXEvq7qZT1MNRrdTBNyFoZJm2GV1urc5ELDQRWpol0WRWlmtq4MrognbVKiVHXe7Xf0hI1DjREc7jfyy3TDkrk1XW1bEo91q-PCG0S8SL/.../

https://dw.uptodown.com/dwn/627BDpGzEbpUYIVxjRvmKwfmSU2Qy-1ucHXt2k4GZksJa7h9Z3ja-pcZJb1B1r1CQfNUi9CJQBUO5RjUET7VVunoTniRgXrtu5-i7wwUueSJDpU7d6ff1J4stcjUxCB4/EFuJv7MrGxqq6uujawqEH2Jah5Lk5F9GYdq7NeyPIJ_MLwM2GOwBvQZqfy6jkcpawXWr7sfIEBSRLJnHaNj-deasNbQtjoXPU1KgzoHavSqroNwXlkHZ7GMRJ1asjM_e/nVikoYfOaiWUygoWYPs5JNANQog3UACwhK4a8x3fiJY_NyXvomsWadHU4FCR3Qjg2GPmmKd7kAytF3yF4LLShKfAegfLIMtmlxKyUkhm4m2Zm_YAnikNpZkXEh6wlIkx/.../

https://dw.uptodown.com/dwn/lZmaeUaF00hle8GONUVsWJvcEhThqZHRbrE2Kklj4V77pwdzjrEl4qs0v8VR5Wc5i4D2HD4OXmpuF67QyLt_X6tjdmzLXn022h_7ahj-YG7zZWfvmUEH50jGm25M8v2c/56RYiBjNzTScZ8gVZPIKJgeJjszkY9sgs7vqo161R0hp6M-4SlD3LWoE_6LfFJpkWp87u6V_3OdH70NWG7MGJ3GnWsAqgO4ZF0fOCZ8oGSdb34s_C50RmvCR9vMcgOee/EorotC2vqdPatLt28LLgpU6RHOlQWsDsVLDDBOQySrKYQNkQvxMhKXWFMlnT5ABUSeKPuNkEQktp0S6mlgc5AEdgjhNecVPh8J70YeAt8qkNVrAydMKzebEQpo2heM8Y/.../

http://dw2.uptodown.com/dl/1407116663/.../atube-catcher-3-8-7973-multi-win.exe

http://dw1.uptodown.com/dl/1410357698/.../atube-catcher-3-8-7973-multi-win.exe

http://dw1.uptodown.com/dl/1411442968/.../atube-catcher-3-8-7973-multi-win.exe

https://dw.uptodown.com/dwn/dgoP_WwYy4GZZxsgzVv4DIDtCn2N3lcBFs1w7iMG12hKctkCEofGWaAhvmh1Ln29hB6cMC4lRqVvsE-SqGMBz-6LjYWWFnFCbOHxT523ufLersD2_LRc9sLnThAebRxC/tl7DsiE733Gh_oEfJLHfbAwM4xSewpU6RyolS-DwNTQeDpTyyCLb4tGvxdu9VqFB3ajTbzIvRjDRJAs5PHn_ofJMoEDJ1cd7gY-bZtBp0b0fh1zIafdY5YVLAnMUp4zQ/sp1AexihX8qjJJXWVe0EIohowfao0klx9_dIF_MgnpaULUTiNYOtZjFSAYySqnj4SWHIdUGK5ZXMgr_mj0n6Hq6lGuvMtdtKk1c4N8nLA7KCxCI39jNahQZIZSHIBQR0/.../

http://dw4.uptodown.com/u2d/.../atube-catcher-3-8-7973-multi-win.exe

http://www.filepuma.com/file/1476711085c6351/atube_catcher_3.8.7973/.../0/

https://dw.uptodown.com/dwn/T6WBLqhDLvR1IXmAPq6eSUu-Kwd1cPZzlAE8-Sk5nU1ckeiD81PfQKkI7zo8otngdgCqJm1Y7MlEEUbChD9pU55u9hcQvEmxc2wON3xsOivAfNN0YcEwd9K7c1ghMhR8/UcwPNNe_ftRAeLvKgp3HcXIiR1SYK58IfGlTA37_LZfsV2iFXbhNsuJxKwuHwjuboj8_H0K1Uby2NiFl9m16tUWuAipZoq8sNGnK8sU90VCpyEANR1PV8jnjrWuKIRYv/TcCDsClArKQtziNRUD3-cWK9RrBMX04lvjwmWMc5ZURr_ARzS8hQEkCox75eApdHmQraxzbO7opVJTBQ_jI9ZybA6gvbkc8B9lLabTSOq5F5bvaTlMy3YcvXcY90LPku/.../

https://dw.uptodown.com/dwn/xx6sKiGMUDc-EfMxUAcnKZmzbCoSFmj_2Sd2IMCljN1weyqVNW8mnq5a0ULvziDQ40ZWtMEeF4l0LgiuWVB7NJGcOuYO2DL3bfTFyNWAlYXBa7vmv00siGftLfSPG3rw/sZM99YtFj5DHAwyMvgoW4op9bhr2B-cu0Ujl_fc5_rC7knyPmI6Xa4f6P1HFk57Kj5fWuQaQGiYZ0Esc5MLFFaOKVnSHU4bxc6ECdvBKDD9CCHti-LscSTM2by4XiwNJ/jSIWyGDlyWC7q0bybNCcyV8mIg-dom3aSsJQ15MRId4UtCF6za8fxaFr78d-jdBmiIcqqDa33MR8bkn3ZKqGSLf2ugQvHsq2znNEiCA8PFEMzzOAUdk1BO24NKaU80DU/.../

Latest 30 of 100 download URLs

Remove atube_catcher.exe - Powered by Reason Core Security