boxer dogs for sale in ireland_10924_i6066807_il345.exe

Ukra-2006 LLC

This is the Amonetize download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application boxer dogs for sale in ireland_10924_i6066807_il345.exe by Ukra-2006 has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the TUGUU DomaIQ Setup installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
Ukra-2006 LLC  (signed and verified)

MD5:
a352631e199debd3804c6f1672d4a9ee

SHA-1:
0d602ca2220fbae470c81d0cb3f930e27068f1ef

SHA-256:
ff248975f5cd523e2d2463d48c5ed9e617bf60f3ad90f7699276bc5daaac9063

Scanner detections:
22 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/16/2024 8:27:17 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.Amonetize | 7.1.1 |
| avast! | OutBrowse-AH [PUP] | 150414-0 |
| AVG | Generic | 2016.0.3115 |
| Baidu Antivirus | PUA.Win32.Amonetize | 4.0.3.1558 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Clam AntiVirus | Win.Adware.Amonetize-511 | 0.98/21511 |
| Comodo Security | Application.Win32.LoadMoney.IARS | 22042 |
| Dr.Web | Trojan.Amonetize.2263 | 9.0.1.05190 |
| ESET NOD32 | Win32/Amonetize.CW potentially unwanted application | 7.0.302.0 |
| G Data | NSIS.Application.Crypted | 15.5.25 |
| K7 AntiVirus | Unwanted-Program | 13.203.15849 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 15.0.0.543 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.05.08.03 |
| McAfee | Artemis!8F00B3F9F161 | 5600.6771 |
| NANO AntiVirus | Trojan.Nsis.Amonetize.dmftuw | 0.30.24.1357 |
| Panda Antivirus | Generic Suspicious | 15.05.08.03 |
| Quick Heal | PUA.Ukrallc.Gen | 5.15.14.00 |
| Reason Heuristics | Threat.Amonetize.Bundler | 15.5.8.10 |
| Sophos | PUA 'Amonetize' | 5.14 |
| Trend Micro House Call | TROJ_GE.28D9CDA2 | 7.2.128 |
| Trend Micro | TROJ_GE.28D9CDA2 | 10.465.08 |
| VIPRE Antivirus | Threat.4150696 | 39486 |

File size:
303.3 KB (310,592 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
TUGUU DomaIQ Setup (using Nullsoft Install System)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\boxer dogs for sale in ireland_10924_i6066807_il345.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/1/2014 1:00:00 AM

Valid to:
7/2/2015 12:59:59 AM

Subject:
CN=Ukra-2006 LLC, O=Ukra-2006 LLC, L=Kharkiv, S=Harkivska obl, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2B3200D1AF3CAC4253C00F000EF4BAB9

File PE Metadata
Compilation timestamp:
10/7/2014 5:40:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:CGC7W7BU5MMqKGqcUz9PbJ5MvmCb1VxhZuSUxq+kNVkvLc:Aa7gDqKGqP9DJ5M+qRhkjg+kNVaL

Entry address:
0x322E

Entry point:
81, EC, D8, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 09, A3, 78, 4F, 43, 00, E8, FD, 2E, 00, 00, A3, C4, 4E, 43, 00, 55, 8D, 44, 24, 38, 68, B4, 02, 00, 00, 50, 55, 68, D8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, C0, 3E, 43, 00, E8, 68, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, 56, 2B, 00, 00...

Entropy:
7.9237

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

The file boxer dogs for sale in ireland_10924_i6066807_il345.exe has been seen being distributed by the following URL.