» belsekolah.exe__15047_i1748420310_il1011023.ace
Overview
Analysis
File Details
Downloads (1)

belsekolah.exe__15047_i1748420310_il1011023.ace

The file belsekolah.exe__15047_i1748420310_il1011023.ace has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from stateresolver.link.

File name:

MD5:

0db5322ef713424914a4344805d35b09

SHA-1:

51d7219fa5ba006f7e6a8164987eb9111b00645f

SHA-256:

8dc442f25da1a20b0cdfdacde20338f1874bb9fee24c8266b82fd2cee82fcca3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 10:27:59 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonetize (M)

16.8.2.6

File size:

659 KB (674,820 bytes)

Common path:

C:\users\{user}\downloads\belsekolah.exe__15047_i1748420310_il1011023.ace

The file belsekolah.exe__15047_i1748420310_il1011023.ace has been seen being distributed by the following URL.

http://stateresolver.link/v24150?q=Bel_Sekolah.exe

Remove belsekolah.exe__15047_i1748420310_il1011023.ace - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.