» BicycleDownloaderInstaller.exe
Overview
Analysis
File Details

BicycleDownloaderInstaller.exe

Bicycle Installer

Goldencalf LLC

The file BicycleDownloaderInstaller.exe by Goldencalf has been detected as a potentially unwanted program by 18 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup. It is also typically executed from the user's temporary directory.

File name:

Publisher:

Bicycle Corporation (signed by Goldencalf LLC)

Product:

Bicycle Installer

Version:

1, 0, 608, 1

MD5:

3605217f050c97ad77225e4390a086fd

SHA-1:

c563ccfdf64360a6db5da5941dd43ca29128e407

SHA-256:

1f41e54011387f9acdfe1a9c358addbb7309d20aa9e8edb8c75a221e8ddb1556

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 3:14:18 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Mikey.10506

666

Agnitum Outpost

Riskware.Agent

7.1.1

AhnLab V3 Security

PUP/Win32.YourFileDownloader

2015.04.30

avast!

Win32:Adware-gen [Adw]

2014.9-150409

AVG

Downloader

2016.0.3144

Bitdefender

Gen:Variant.Mikey.10506

1.0.20.495

Bkav FE

W32.HfsAdware

1.3.0.6379

Dr.Web

Adware.Downware.11073, Adware.Downware.10707

9.0.1.099

Emsisoft Anti-Malware

Gen:Variant.Mikey.10506

8.15.04.09.08

ESET NOD32

Win32/ExpressDownloader.K potentially unwanted application

9.7.0.302.0

F-Secure

Gen:Variant.Mikey.10506

11.2015-09-04_5

G Data

Gen:Variant.Mikey.10506

15.4.25

herdProtect (fuzzy)

variant of tus4pdf-xchange_viewer_pro_2.5_build_309.0___only.rar_downloader.exe (PUP)

2015.7.6.5

IKARUS anti.virus

PUA.Expressdownloader

t3scan.1.8.9.0

K7 AntiVirus

Adware

13.203.15755

MicroWorld eScan

Gen:Variant.Mikey.10506

16.0.0.297

Reason Heuristics

PUP.Installer.Goldencalf

15.4.11.23

VIPRE Antivirus

Threat.4150696

39486

File size:

4.2 MB (4,429,712 bytes)

Product version:

1.0.0.1

Original file name:

BicycleDownloaderInstaller.exe

Language:

English

Common path:

C:\users\{user}\appdata\local\temp\1fn3umglyo.tmp

Digital Signature

Signed by:

Goldencalf LLC

Authority:

Goldencalf LLC

Valid from:

3/27/2015 4:26:58 PM

Valid to:

3/26/2016 4:26:58 PM

Subject:

CN=Goldencalf LLC, OU=Goldencalf LLC, O=Goldencalf LLC, S=London, C=UK

Issuer:

CN=Goldencalf LLC, C=UK, S=London, L=London, E=admin@goldencalf.com, OU=Goldencalf LLC, O=Goldencalf LLC

Serial number:

100001

File PE Metadata

Compilation timestamp:

3/30/2015 12:27:37 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

98304:msBUte5Cdc19j4xMHEnk/dBoJrwKeI1fsdLkAqhRlo:HBUU58c1l4xsKwoJs8ckphRlo

Entry address:

0x8314C3

Entry point:

E9, 7C, 54, FF, FF, B1, 37, 29, 4A, 98, A6, 9F, 94, DE, C2, 60, F4, AC, A6, 0A, 82, FC, 7C, DE, 52, B8, 24, 82, A4, F8, 86, EA, 08, 90, B2, 94, 9E, 26, 48, 9E, E6, 1A, 1A, F4, 5D, 4F, BF, 0D, 46, CC, CA, ED, 36, E1, EB, 17, DA, E2, FE, 38, 0C, 2C, 56, C2, E8, 40, 68, B2, 38, 7B, 38, 76, E6, D6, 7C, 28, AB, 3A, 84, BF, 56, 77, A7, ED, 6D, A1, D3, 83, AE, A0, 46, 47, 58, 13, 94, D2, 12, DF, 00, 3E, B8, A9, 3B, 6B, E7, E3, D3, 59, D7, 33, BD, 97, 91, 01, 9B, 6E, CC, B0, C6, 8A, 70, 93, FE, 33, 85, F9, 5E, EF... 
[+]

Entropy:

7.9214

Packer / compiler:

tElock 0.99 - 1.0 private

Code size:

796.5 KB (815,616 bytes)

Remove BicycleDownloaderInstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.