chaturbategenerator__8544_il9231.exe

Prodlogistyka LLC

This is the Amonetize download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application chaturbategenerator__8544_il9231.exe by Prodlogistyka has been detected as adware by 12 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
Prodlogistyka LLC  (signed and verified)

Version:
1.1.5.90

MD5:
4c5d68ceed65cb024a3cab8c6dc96899

SHA-1:
b71c9954fc34fd9e9a158e40b5b83544c38b1a7f

SHA-256:
4289c73a4ea7ca784c95a50a015474e02c020e2dcabf7cd305d89dea56a9e5ca

Scanner detections:
12 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/25/2024 5:06:35 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AhnLab V3 Security | PUP/Win32.Amonetiz | 2015.01.05 |
| Avira AntiVirus | Adware/Amonetize.577224.12 | 7.11.199.110 |
| Dr.Web | Trojan.Amonetize.341 | 9.0.1.0182 |
| ESET NOD32 | Win32/Amonetize.CK (variant) | 9.10963 |
| Fortinet FortiGate | Adware/Amonetize | 7/1/2015 |
| K7 AntiVirus | Unwanted-Program | 13.1814525 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 14.0.0.1801 |
| McAfee | Artemis!4C5D68CEED65 | 5600.6717 |
| NANO AntiVirus | Riskware.Win32.Amonetize.dlgsuu | 0.30.0.64448 |
| Panda Antivirus | Generic Suspicious | 15.07.01.05 |
| Reason Heuristics | PUP.Amonetize.Prodlogistyka.Bundler (M) | 15.7.1.17 |
| Trend Micro House Call | TROJ_GEN.R047H07LU14 | 7.2.182 |

File size:
563.7 KB (577,224 bytes)

Product version:
1.1.5.90

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Amonetize Downloader

Language:
English (United States)

Common path:
C:\users\{user}\downloads\chaturbategenerator__8544_il9231.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
12/15/2014 6:00:00 PM

Valid to:
12/16/2015 5:59:59 PM

Subject:
CN=Prodlogistyka LLC, O=Prodlogistyka LLC, L=Kharkiv, S=Alabama, C=UA

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6EA4BF001566F2722AC7CE8C3A4F62AE

File PE Metadata
Compilation timestamp:
12/26/2014 12:07:40 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:T/XnAkWK1aT5KsO1HR9qJvL2qKprzTFOdbOXo17T+C:T/wkWK841H2d4GbF1uC

Entry address:
0xB0FA

Entry point:
E8, 1A, 3E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, C4, 5B, 39, 00, FF, 15, A4, E0, 38, 00, 85, C0, 75, 18, 56, E8, 50, 2D, 00, 00, 8B, F0, FF, 15, 84, E0, 38, 00, 50, E8, 00, 2D, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 9A, ED, FF, FF, C7, 06, C0, EB, 38, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, C0, EB, 38, 00, E9, DE, ED, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, C0, EB, 38, 00, E8, CB, ED, FF, FF...
Entropy:
7.6663

Code size:
115.5 KB (118,272 bytes)