download+adobe+photoshop+cs4+full+crack.exe

Andrey Hmelnikov

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application download+adobe+photoshop+cs4+full+crack.exe by Andrey Hmelnikov has been detected as adware by 26 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from bestoria.info.
Publisher:
Andrey Hmelnikov  (signed and verified)

MD5:
8f25f18a96feffc81dbbb2385a8482a2

SHA-1:
8b13a3ae2529c6d2e0a8c3331a2fe4375f59ff30

SHA-256:
4bf0caf8ad5b58f27982c4b29c0b3e85284dfc4dd4e631fa7b3a451fdb988b2b

Scanner detections:
26 / 68

Status:
Adware

Analysis date:
11/24/2024 12:25:22 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Adware.Kazy.481287 | 6765824 |
| AhnLab V3 Security | PUP/Win32.MultiPlug | 2015.03.06 |
| Avira AntiVirus | PUA/Multiplug.trou | 7.11.214.2 |
| avast! | Win32:Agent-AUVV [Trj] | 150101-1 |
| AVG | Adware Generic_r.VD | 2014.0.4253 |
| Bitdefender | Gen:Variant.Adware.Kazy.481287 | 1.0.20.320 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | Application.Win32.Multiplug.CT | 21304 |
| Dr.Web | Trojan.Packed.24060 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Kazy.481287 | 9.0.0.4799 |
| ESET NOD32 | Win32/AdWare.MultiPlug.CT application | 7.0.302.0 |
| Fortinet FortiGate | Adware/MultiPlug | 3/5/2015 |
| F-Prot | W32/S-a45e7af1 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.Kazy | 5.13.68 |
| G Data | Gen:Variant.Adware.Kazy.481287 | 15.3.25 |
| K7 AntiVirus | Unwanted-Program | 13.200.15173 |
| Kaspersky | not-a-virus:AdWare.Win32.MultiPlug | 15.0.0.543 |
| Malwarebytes | PUP.Optional.MultiPlug | v2015.03.05.01 |
| McAfee | Program.MultiPlug-FRO | 16.8.708.2 |
| MicroWorld eScan | Gen:Variant.Adware.Kazy.481287 | 16.0.0.192 |
| NANO AntiVirus | Riskware.Win32.MultiPlug.dfjscb | 0.30.0.296 |
| Norman | Gen:Variant.Adware.Kazy.481287 | 03.12.2014 13:20:04 |
| Reason Heuristics | PUP.WebPick | 15.3.5.13 |
| Sophos | PUA 'MultiPlug' (of type Adware) | 5.11 |
| Vba32 AntiVirus | SScope.Adware.MultiPlug | 3.12.26.3 |
| Zillya! Antivirus | Backdoor.PePatch.Win32.53089 | 2.0.0.2089 |

File size:
873.9 KB (894,840 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\download+adobe+photoshop+cs4+full+crack.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
6/23/2014 1:25:04 AM

Valid to:
6/23/2015 1:25:04 AM

Subject:
E=Andrey.Hmelnikov@hotmail.com, CN=Andrey Hmelnikov, O=Andrey Hmelnikov, C=RU

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
727B500ADD12D49F610A094EBFE02E4B

File PE Metadata
Compilation timestamp:
4/6/2012 6:36:57 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:79HhSYzSExMO6Z8EDXtQXLtWWXA/teiJ59xL:5HhLzSgMDaXHXAJ5TL

Entry address:
0x3CB86

Entry point:
E8, 78, 48, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, A5, 44, 00, E8, E4, 0F, 00, 00, E8, 45, 4A, 00, 00, 0F, B7, F0, 6A, 02, E8, 0B, 48, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, D6, 08, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
7.6985

Code size:
275.5 KB (282,112 bytes)

The file download+adobe+photoshop+cs4+full+crack.exe has been seen being distributed by the following URL.
