avira-free-2014.exe

Setup Manager

QUALITY SCORE SL

The application avira-free-2014.exe by QUALITY SCORE SL has been detected as adware by 3 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from offersrepo.com and multiple other hosts.
Publisher:
K  (signed by QUALITY SCORE SL)

Product:
Setup Manager

Version:
2.7.9.227

MD5:
cfbdd3c6b15c7cf908869cd059577dcb

SHA-1:
2dd955ee28743a63b07d25159e325fd3e745d354

SHA-256:
fb33e6a0280df4ff678fdc3655368bb0a42ac6c980f424f1c1bd7c75f3f0e7c7

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
12/25/2024 6:33:57 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
PCK/MSIL.Confuser
7.11.182.158

NANO AntiVirus
Trojan.Win32.Click2.cxfbox
0.28.6.62995

Reason Heuristics
PUP.Installer.QUALITYSCORESL.P
14.10.31.17

File size:
276.3 KB (282,936 bytes)

Product version:
2.7.9.227

Copyright:
Copyright © 2013-2014

Original file name:
i2Dyn.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/2/2014 1:00:00 AM

Valid to:
1/3/2015 12:59:59 AM

Subject:
CN=QUALITY SCORE SL, O=QUALITY SCORE SL, STREET=CALLE SERRANO 213, L=MADRID, S=MADRID, PostalCode=28016, C=ES

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4AB0F061E1C305B4B31A8ACE3AEA2E01

File PE Metadata
Compilation timestamp:
10/28/2014 6:07:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:9xiE12JAuZVsq7qxRsNvljbfGEEptfu+W1:T1QnVsKqxPrvY

Entry address:
0x4015E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
248.5 KB (254,464 bytes)

The file avira-free-2014.exe has been seen being distributed by the following 17 URLs.

http://offersrepo.com/download.php?__tc=1414925226608&downloadName=wifi-password-decyptor.exe

http://adblock-plus.logiciel-bureau.com/.../adblock-plus.exe

http://vuse-2014.francelogi.fr/.../vuse-2014.exe

http://atube-catcher.soft-es.net/.../atube-catcher.exe

http://offersrepo.com/download.php?__tc=1414768011081&signature=qualityscore&downloadName=winzip.exe

Remove avira-free-2014.exe - Powered by Reason Core Security