avg anti virus free edition.exe

Sambamedia SLU

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application avg anti virus free edition.exe by Sambamedia SLU has been detected as adware by 27 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. The file has been seen being downloaded from ttb.gufile.com.
Publisher:
Sambamedia SLU  (signed and verified)

Version:
1.0.0.1

MD5:
341cfbe174b20e6b9e5bf1517714bc3f

SHA-1:
dfee7d262f65580ac478143a8160f7c66509fab0

SHA-256:
ea54e4732ec04edc7489b51972a02ce74037b91ce84a89d270c93fa0252b84c9

Scanner detections:
27 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/24/2024 4:18:36 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.OLP
839

AegisLab AV Signature
AdWare.W32.Agent
2.1.4+

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.DomaIQ
2014.10.19

Avira AntiVirus
APPL/Softpulse.Gen8
7.11.179.120

avast!
Win32:SoftPulse-AJ [PUP]
141003-0

AVG
BundleApp_r
2015.0.3317

Bitdefender
Adware.Agent.OLP
1.0.20.1460

Clam AntiVirus
Win.Adware.Agent-16335
0.98/21411

Dr.Web
Trojan.DownLoader11.36013
9.0.1.05190

Emsisoft Anti-Malware
Adware.Agent.OLP
8.14.10.19.12

ESET NOD32
Win32/SoftPulse (variant)
8.10584

Fortinet FortiGate
W32/Buzus.UUTA!tr
10/19/2014

F-Secure
Adware.Agent.OLP
11.2014-19-10_1

G Data
Adware.Agent.OLP
14.10.24

K7 AntiVirus
Unwanted-Program
13.184.13727

Kaspersky
not-a-virus:Downloader.Win32.LMN
15.0.0.494

Malwarebytes
PUP.Optional.DomaIQ
v2014.10.19.12

McAfee
SoftPulse
5600.6973

MicroWorld eScan
Adware.Agent.OLP
15.0.0.876

NANO AntiVirus
Trojan.Win32.SoftPulse.dfwfat
0.28.2.62671

nProtect
Adware.Agent.OLP
14.10.17.01

Qihoo 360 Security
Malware.QVM20.Gen
1.0.0.1015

Reason Heuristics
PUP.SambamediaSLU.BB
14.10.18.23

Vba32 AntiVirus
Downloader.LMN
3.12.26.3

VIPRE Antivirus
Threat.4150696
33706

Zillya! Antivirus
Adware.Agent.Win32.13908
2.0.0.1959

File size:
1.3 MB (1,390,536 bytes)

Product version:
1.0.0.1

Copyright:
Copyright (C) 2014

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softpulse SoftwareBundler

Language:
English (United States)

Common path:
C:\users\{user}\downloads\avg anti virus free edition.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/27/2014 5:00:00 PM

Valid to:
4/28/2015 4:59:59 PM

Subject:
CN=Sambamedia SLU, O=Sambamedia SLU, L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1D2678833456F6A11CEBC944E8AFF2C6

File PE Metadata
Compilation timestamp:
10/1/2014 4:36:57 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:KrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPaks:KrKo4ZwCOnYjVmJPa3

Entry address:
0x7D90

Entry point:
E8, C8, 41, 00, 00, E9, 7F, FE, FF, FF, E9, 3E, 27, 00, 00, FF, 35, 94, AE, 47, 00, FF, 15, A4, 70, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 01, 6A, 00, E8, 0A, 49, 00, 00, 59, 59, E9, 22, 49, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 62, 49, 00, 00, 59, 85, C0, 74, 11, FF, 75, 08, E8, C0, 2C, 00, 00, 59, 85, C0, 74, E6, 8B, E5, 5D, C3, 6A, 01, 8D, 45, FC, C7, 45, FC, 84, 0F, 47, 00, 50, 8D, 4D, F0, E8, 27, 30, 00, 00, 68, 9C, 74, 47, 00, 8D, 45, F0, C7, 45, F0, 7C, 0F, 47, 00, 50, E8, 7C, 27, 00...
 
[+]

Entropy:
7.5713

Code size:
85.5 KB (87,552 bytes)

The file avg anti virus free edition.exe has been seen being distributed by the following URL.

Remove avg anti virus free edition.exe - Powered by Reason Core Security