downloadmanager.exe

Smart

OutBrowse LTD

Part of the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application downloadmanager.exe by OutBrowse has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
@  (signed by OutBrowse LTD)

Product:
Smart

Description:
Manages Products

Version:
1.0.0.1

MD5:
32fd587d436d8a59d9f38bc1d089f96d

SHA-1:
7a3372e7d4054aa6f90ba584aa4d8eb9bf1c0d43

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 5:32:16 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse (M)

Engine version:
16.5.6.1

File size:
1.2 MB (1,237,560 bytes)

Product version:
1.0.0.1

Copyright:
(c). All rights reserved.

Original file name:
Smart.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\downloadmanager.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
2/25/2013 4:00:00 PM

Valid to:
2/26/2014 3:59:59 PM

Subject:
CN=OutBrowse LTD, O=OutBrowse LTD, L=Ramat Gan, S=Ramat Gan, C=IL, SERIALNUMBER=514686914, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
06C1C2AE3E180ADDA27BBF2BD8EAC0E7

File PE Metadata
Compilation timestamp:
6/3/2013 1:46:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:QvNYPF8gNKvEWgok/i2AUKZPsx5KzBkJ5kDaNy:MNCF7NqygSxoziJCDa

Entry address:
0xD9C3B

Entry point:
E8, 96, A1, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, 9C, 0F, 51, 00, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, EA, 9D, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, DA, 9D, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, 19, 01, 00, 00, 8B, 4D, 10, 8D, 55, E8, 89, 53, FC, 8B, 5B, 0C, 89, 45, E8, 89, 4D, EC, 83, FB, FE...
 

Entropy:
6.3151

Code size:
962 KB (985,088 bytes)
