home

download.exe

b191212

BR SOFTWARE LLC

The application download.exe by BR SOFTWARE has been detected as adware by 31 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.onlinemidia.com.
Publisher:
BR SOFTWARE LLC  (signed and verified)

Product:
b191212

Version:
1.0.0.0

MD5:
bafee7cf5124d55c61c59ea334318532

SHA-1:
38e578a45de9963fcc0b71ae369b9509384835a6

SHA-256:
c850a778de5111316cf961e72a2cffb8320a048bb2733fad6a4f43cbd636d9e1

Scanner detections:
31 / 68

Status:
Adware

Analysis date:
4/23/2025 3:01:03 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.8537352
600

Agnitum Outpost
PUA.PCMega
7.1.1

Avira AntiVirus
ADWARE/PCMega.M
8.3.1.6

Arcabit
Trojan.Generic.D824508
1.0.0.425

avast!
Win32:Downloader-SCT [Adw]
2014.9-150614

AVG
Generic30
2016.0.3078

Baidu Antivirus
Adware.MSIL.PCMega
4.0.3.15614

Bitdefender
Trojan.Generic.8537352
1.0.20.825

Comodo Security
UnclassifiedMalware
22316

Emsisoft Anti-Malware
Trojan.Generic.8537352
8.15.06.14.08

ESET NOD32
MSIL/Adware.PCMega
9.11725

Fortinet FortiGate
Adware/Fam.NB
6/14/2015

F-Secure
Trojan.Generic.8537352
11.2015-14-06_1

G Data
Trojan.Generic.8537352
15.6.25

IKARUS anti.virus
Trojan-Ransom.Win32.Foreign
t3scan.1.9.3.0

K7 AntiVirus
Backdoor
13.204.16117

Kaspersky
Trojan-Downloader.MSIL.Agent
14.0.0.1886

McAfee
Artemis!BAFEE7CF5124
5600.6734

MicroWorld eScan
Trojan.Generic.8537352
16.0.0.495

NANO AntiVirus
Trojan.Win32.Generic.dhxpdr
0.30.24.1636

nProtect
Trojan.Generic.8537352
15.06.02.01

Panda Antivirus
Trj/Downloader.WKR
15.06.14.08

Qihoo 360 Security
Win32/Trojan.Downloader.3f4
1.0.0.1015

Reason Heuristics
PUP.BR Software.BRSOFTWARE
15.6.14.20

Sophos
Mal/Generic-L
4.98

Trend Micro House Call
TROJ_SPNR.03AE13
7.2.165

Trend Micro
TROJ_SPNR.03AE13
10.465.14

Vba32 AntiVirus
Trojan.MSIL
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
40788

ViRobot
Trojan.Win32.S.Agent.19448.CF[h]
2014.3.20.0

Zillya! Antivirus
Downloader.Agent.Win32.155715
2.0.0.2202

File size:
19 KB (19,448 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Original file name:
b191212.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\maias\download.exe

Digital Signature
Signed by:
BR SOFTWARE LLC

Authority:
GoDaddy.com, Inc.

Valid from:
12/20/2012 2:35:01 PM

Valid to:
4/17/2013 1:03:06 PM

Subject:
CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, L=Lewes, S=DE, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
27C2AD069AC04D

File PE Metadata
Compilation timestamp:
12/20/2012 2:27:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:NTXumUsogeBT3rScnGfNeLNek+vDGU6DPb:VeV8cG9UPb

Entry address:
0x451E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
9.5 KB (9,728 bytes)

The file download.exe has been seen being distributed by the following URL.

http://www.onlinemidia.com/ids/.../download.exe

Remove download.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.