brett_rossi_fresh_air_play_time_2013.exe

Zona installer

Destiny Media

The application brett_rossi_fresh_air_play_time_2013.exe by Destiny Media has been detected as a potentially unwanted program by 27 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from dl4.getz.tv.
Publisher:
Destiny Media  (signed and verified)

Product:
Zona installer

Version:
1.0.0.0

MD5:
7fd44e9c67bed49864dadacf4df35f57

SHA-1:
c0a608583d06e80ad5090e2a3faabe79c7dc4776

SHA-256:
15fb5c8b262cc0b2de09557ace2be649dee5e283bfb1d25de3d32014017a3de0

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 7:36:09 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.BR
6143770

Agnitum Outpost
PUA.ZvuZona
7.1.1

AhnLab V3 Security
PUP/Win32.Downloader
2014.12.16

Avira AntiVirus
APPL/Bundler.BR
7.11.195.250

avast!
ZvuZona-A [PUP]
141214-1

AVG
Generic
2015.0.3259

Bitdefender
Application.Bundler.BR
1.0.20.1750

Comodo Security
Application.Win32.ZvuZona.A
20387

Dr.Web
riskware program Program.Zona.28
9.0.1.05190

Emsisoft Anti-Malware
Application.Bundler.BR
9.0.0.4668

ESET NOD32
Win32/ZvuZona.A potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/Generic.AC.2350
12/16/2014

F-Prot
W32/A-5dd595cc
v6.4.7.1.166

F-Secure
Riskware.Application.Bundler.BR
5.13.68

G Data
Application.Bundler.BR
14.12.24

IKARUS anti.virus
PUA.ZvuZona
t3scan.1.8.5.0

K7 AntiVirus
Unwanted-Program
13.187.14339

Kaspersky
not-a-virus:Downloader.Win32.AdLoad
15.0.0.543

Malwarebytes
PUP.Optional.Zona
v2014.12.16.08

McAfee
Program.ZvuZona
16.8.708.2

MicroWorld eScan
Application.Bundler.BR
15.0.0.1050

Norman
Application.Bundler.BR
04.12.2014 14:30:06

Panda Antivirus
Generic Suspicious
14.12.16.08

Reason Heuristics
PUP.Installer.DestinyMedia.e
14.12.16.7

Rising Antivirus
PE:PUF.Zona!1.9E06
23.00.65.141214

Vba32 AntiVirus
Downloader.AdLoad
3.12.26.3

VIPRE Antivirus
Threat.4150696
35418

File size:
254.8 KB (260,960 bytes)

Product version:
1.0.2.6

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Language:
Russe

Common path:
C:\users\{user}\downloads\brett_rossi_fresh_air_play_time_2013.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/19/2014 1:00:00 AM

Valid to:
7/19/2016 12:59:59 AM

Subject:
CN=Destiny Media, O=Destiny Media, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1C1DB725B804FCDECB65D559B70318AB

File PE Metadata
Compilation timestamp:
8/7/2014 12:15:54 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:4d/oKyhlMI4s9hs9gqt8sHE8Ywe3Mox+pqoSSVgH:4Jhlsnstn+LroSSk

Entry address:
0x99B90

Entry point:
60, BE, 00, 70, 46, 00, 8D, BE, 00, A0, F9, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, EC, 75, 09, 00, 57, 83, C3, 04, 53, 68, 7F, 2B, 03, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
208 KB (212,992 bytes)

The file brett_rossi_fresh_air_play_time_2013.exe has been seen being distributed by the following URL.

Remove brett_rossi_fresh_air_play_time_2013.exe - Powered by Reason Core Security