» camtasia screen recorder.zip.exe
Overview
Analysis
File Details
Downloads (1)

camtasia screen recorder.zip.exe

Propusan Expansion s.l.

The application camtasia screen recorder.zip.exe by Propusan Expansion s.l has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from solimba.files-download-149.com.

File name:

Publisher:

Propusan Expansion s.l. (signed and verified)

MD5:

5284c73a7eeb31e3c438b94cb89a3507

SHA-1:

4a41a2e134ae8c7998a74e393006cb79060456fd

SHA-256:

06d4aef4364aeeb003146f3436b6172d08d414881ab40cd4ca2f45b534af28f6

Scanner detections:

1 / 68

Status:

Potentially unwanted

Explanation:

Uses the Solimba installer to bundle adware offers.

Analysis date:

11/27/2024 5:41:42 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Solimba.Propusan (M)

16.5.27.8

File size:

522.1 KB (534,600 bytes)

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Digital Signature

Signed by:

Propusan Expansion s.l.

Authority:

GlobalSign nv-sa

Valid from:

12/18/2014 4:37:22 PM

Valid to:

12/18/2016 4:37:22 PM

Subject:

CN=Propusan Expansion s.l., O=Propusan Expansion s.l., L=Badalona, C=ES

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112173CDF53299BEB67263874E91B73F31B9

File PE Metadata

Compilation timestamp:

2/5/2015 11:09:16 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

6144:IizFwL/mXO3JADVXfObH4FpBvbNWMOT5s1btcbDD4XjAcdiXyKD1AQfDNopqCl+D:IizFQuXOCDVfgABvBWAtq0uD1AcsYB

Entry address:

0xB92C

Entry point:

E8, 57, 4D, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, A0, 09, 42, 00, E8, 3E, 15, 00, 00, E8, 28, 4F, 00, 00, 0F, B7, F0, 6A, 02, E8, EA, 4C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 85, 42, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

7.6937

Code size:

96 KB (98,304 bytes)

The file camtasia screen recorder.zip.exe has been seen being distributed by the following URL.

http://solimba.files-download-149.com/misc/.../?src=rmd&file=Camtasia screen recorder.zip

Remove camtasia screen recorder.zip.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.