home

digital insanity keygen_10924_i28012363_il345.exe

Runner Utility

Dummy, Ltd.

The application digital insanity keygen_10924_i28012363_il345.exe has been detected as a potentially unwanted program by 11 anti-malware scanners. This is a setup program which is used to install the application. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from downprov.nuclearmedicine2011.org.
Publisher:
Dummy, Ltd.

Product:
Runner Utility

Version:
1.0.0.186

MD5:
64100d73b5a747c37af8a176b6cdcdc3

SHA-1:
e904c7fb40347a17a1409cf550ff28f7013198da

SHA-256:
8356851cd621207d86c02a896ae3c5af19a564a7b508a7e99ba2226ef8863ce5

Scanner detections:
11 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 5:15:07 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Trojan.Heur2.FU.sD0@aaoD8@fi
731

Avira AntiVirus
TR/Spy.Agent.1350656
7.11.206.200

Bitdefender
Gen:Trojan.Heur2.FU.sD0@aaoD8@fi
1.0.20.175

Bkav FE
HW32.Packed
1.3.0.6379

Comodo Security
Application.Win32.LoadMoney.IARS
20949

Dr.Web
Trojan.Amonetize.488
9.0.1.035

Emsisoft Anti-Malware
Gen:Trojan.Heur2.FU.sD0@aaoD8@fi
8.15.02.04.06

F-Secure
Gen:Trojan.Heur2.FU.sD0@aaoD8@fi
11.2015-04-02_4

G Data
Gen:Trojan.Heur2.FU.sD0@aaoD8@fi
15.2.25

MicroWorld eScan
Gen:Trojan.Heur2.FU.sD0@aaoD8@fi
16.0.0.105

Trend Micro House Call
TROJ_GEN.R0C1H09B215
7.2.35

File size:
1.3 MB (1,350,656 bytes)

Product version:
1.0.0.186

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\digital insanity keygen_10924_i28012363_il345.exe

File PE Metadata
Compilation timestamp:
2/2/2015 10:32:42 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:GI+C6WcaeMF/gCTvodUoPkQLW/TMOP8YIWzhJzDBxiZ6L+nQ63bQ2+r3ttFF:Hh6Wne0voSCNLW/TMOP8+hJX/d0bQh9r

Entry address:
0x16A68E

Entry point:
52, E8, 0B, 25, FF, FF, F9, E8, 79, 14, FF, FF, 8B, 46, 6E, 8E, 77, 82, C2, B0, D5, 3F, A0, 7B, 75, DB, CA, FF, D6, BD, 87, 79, 7D, 46, 50, EB, D4, 53, 5C, BF, B6, 1A, C3, 7A, 1D, E8, 06, 55, C1, DD, 19, AB, D1, 10, 29, CD, C9, 0C, 55, 27, 62, 32, 0B, 2F, C0, EF, EA, BB, CC, 5F, 25, 94, E0, E8, 16, 76, 69, BA, BC, FD, 59, 58, 4C, 26, ED, A6, F9, 27, 7F, BB, E5, 35, 29, 18, 7B, D0, 5C, 74, C9, E4, A7, DF, 17, 6E, C6, EB, C7, B7, 75, 58, 72, 38, FF, 7A, 4E, 35, 01, 4F, E2, 41, 78, C4, F5, 4C, 4B, 23, AE, 72...
 
[+]

Entropy:
7.8601  (probably packed)

Code size:
99 KB (101,376 bytes)

The file digital insanity keygen_10924_i28012363_il345.exe has been seen being distributed by the following URL.

http://downprov.nuclearmedicine2011.org/p/.../cheat engine 6.1 setup_10924_i28044135_il345.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.