» cdc serial driver downloa_10924_i70912053_il345.exe
Overview
Analysis
File Details

cdc serial driver downloa_10924_i70912053_il345.exe

Adobe Download Manager

LLC BUDІMEKS

The application cdc serial driver downloa_10924_i70912053_il345.exe by LLC BUDІMEKS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

Adobe Systems Incorporated (signed by LLC BUDІMEKS)

Product:

Adobe Download Manager

Version:

2.0.0.65s

MD5:

50af814f12545f3ff71da80e75b2f7ca

SHA-1:

840c41d2d277f691872d23fa9b31de0e52fab237

SHA-256:

9e0f4bfebe7f8c9802e79183709a4f6f46167c2bd3382ceeb083b8a5c6ed49e5

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/6/2024 7:57:56 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonetize.Bundler (M)

17.3.13.6

File size:

888.5 KB (909,840 bytes)

Product version:

2.0.0.65s

Original file name:

Adobe Download Manager

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\cdc+serial+driver+downloa\cdc serial driver downloa_10924_i70912053_il345.exe

Digital Signature

Signed by:

LLC BUDІMEKS

Authority:

COMODO CA Limited

Valid from:

8/26/2015 9:00:00 PM

Valid to:

8/26/2016 8:59:59 PM

Subject:

CN=LLC BUDІMEKS, O=LLC BUDІMEKS, STREET=Cvitna 34, L=Gorodockey area Galichani vilage, S=Lvovskaja, PostalCode=81523, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E9F1B23ADDECC133378F48EBB20F9E3D

File PE Metadata

Compilation timestamp:

10/14/2015 3:42:48 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x13DB4C

Entry point:

68, AD, C7, D6, 43, E8, B6, E9, FF, FF, 68, AD, 27, A5, 43, E8, AC, E9, FF, FF, A0, 97, 5B, FF, 7C, 8C, E6, 6F, B7, 01, C0, A3, 24, A0, B8, 99, AD, 63, 7D, 6E, DE, 1B, 9D, 60, 7F, BE, 53, D4, 2E, A1, 80, 52, CC, DA, 67, 46, 4B, AF, EA, BD, 6D, CE, B8, 10, 95, B4, 5C, EA, F1, 9B, 6B, 63, 79, E6, 80, A1, CF, 76, BA, 34, 22, 79, B6, 67, 76, F1, EE, 6D, 9D, 0D, AF, CC, 5A, 32, E7, B6, 19, 6E, CA, EA, 96, D7, 71, 99, 5D, 91, 90, 3D, 56, FB, 70, A0, 41, B6, 19, 5F, 8F, 22, C5, D5, 99, 58, 32, 4E, D1, BE, 6E, 56... 
[+]

Code size:

848.5 KB (868,864 bytes)

Remove cdc serial driver downloa_10924_i70912053_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.