download+aimbot+for+cs+1._10924_i69015455_il345.exe

Google Chrome Portable

LLC BUDІMEKS

The application download+aimbot+for+cs+1._10924_i69015455_il345.exe by LLC BUDІMEKS has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install.
Publisher:
PortableApps.com  (signed by LLC BUDІMEKS)

Product:
Google Chrome Portable

Version:
43.0.2357.134

MD5:
fe0eb0ca519e95f97da6ca0f093f8a59

SHA-1:
c3d4c571a313859e6d133e8b911e627e893df8bc

SHA-256:
d80f3fd71461536ff5670fd89942cc5b627f03e626221fb0e5c20733d609f287

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 7:58:02 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Amonetize.Bundler (M)

Engine version:
17.3.10.20

File size:
1.4 MB (1,491,472 bytes)

Product version:
43.0.2357.134

Copyright:
2007-2015 PortableApps.com, PortableApps.com Installer 3.0.19.0

Trademarks:
PortableApps.com is a registered trademark of Rare Ideas, LLC.

Original file name:
GoogleChromePortable_43.0.2357.134_online.paf.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\download+aimbot+for+cs+1._10924_i69015455_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/27/2015 2:00:00 AM

Valid to:
8/27/2016 1:59:59 AM

Subject:
CN=LLC BUDІMEKS, O=LLC BUDІMEKS, STREET=Cvitna 34, L=Gorodockey area Galichani vilage, S=Lvovskaja, PostalCode=81523, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E9F1B23ADDECC133378F48EBB20F9E3D

File PE Metadata
Compilation timestamp:
10/9/2015 5:22:50 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x2CD2F2

Entry point:
68, B3, 71, 48, 2C, E8, E4, D2, EF, FF, EF, 90, AD, 05, C1, 5B, 65, AC, 65, 25, 7D, 02, 52, FA, 59, DA, 8F, 53, 5A, 07, 8F, EE, AD, 25, 8E, FA, 66, AC, 85, 87, 3D, B3, 53, BA, B9, E7, BD, 53, FA, C4, 5D, B6, 53, 1A, E7, 92, 66, AD, 45, 12, 67, BA, AC, 85, 13, 84, 77, 52, BA, 81, 9D, 5D, 53, 5A, 8F, 12, 8D, AD, A5, 9E, F5, 70, AC, 45, 35, 41, AC, A5, 33, 6B, 1F, 52, FA, EF, 11, F5, AD, 05, 77, E7, 22, AC, A5, C9, AC, 10, AC, 05, 24, 7C, 21, 52, 5A, F3, A1, 53, BA, 56, D8, B1, AD, E5, 81, 2E, AC, 45, C6, 2F...
 

Code size:
1.3 MB (1,384,960 bytes)