Dropbox 2.4.7.exe

Dropbox 2.4.7

Download Manager, LLC

The application Dropbox 2.4.7.exe by Download Manager has been detected as adware by 20 anti-malware scanners. The program is a setup application that uses the AirInstaller Download Manager installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. With this installer, users are expecting to download Dropbox but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware.
Publisher:
Download Manager, LLC  (signed and verified)

Product:
Dropbox 2.4.7

Version:
3.0.0.73

MD5:
f8d17e356273290a1a58551d947ea071

SHA-1:
3811ad829531b86b223869891f996dcdadf314e2

SHA-256:
a0bce651d5eb195332e5eaffba43aa6317d79ca6462e1e0d411b7874375b977d

Scanner detections:
20 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 12:59:51 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Jaik.5699
692

AhnLab V3 Security
PUP/Win32.Bundler
2015.03.15

Avira AntiVirus
APPL/Downloader.Gen
7.11.217.78

avast!
Win32:Adware-CKF [PUP]
150101-1

AVG
Generic
2016.0.3170

Bitdefender
Gen:Variant.Application.Bundler.Jaik.5699
1.0.20.365

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Trojan.DownLoader12.14838
9.0.1.073

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Jaik.5699
8.15.03.14.08

ESET NOD32
Win32/DownloadAssistant.A potentially unwanted application
9.7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
11.2015-14-03_7

G Data
Gen:Variant.Application.Bundler.Jaik.5699
15.3.25

herdProtect (fuzzy)
2015.6.20.23

K7 AntiVirus
DoS-Trojan
13.194.14930

MicroWorld eScan
Gen:Variant.Application.Bundler.Jaik.5699
16.0.0.219

NANO AntiVirus
Trojan.Win32.DownLoader12.dncixg
0.30.0.65070

Panda Antivirus
Generic Suspicious
15.03.14.08

Reason Heuristics
PUP.Bundler.DRD Ventures
15.3.14.20

VIPRE Antivirus
Threat.4782985
37240

Zillya! Antivirus
Backdoor.PePatch.Win32.64042
2.0.0.2062

File size:
788.3 KB (807,208 bytes)

Product version:
3.0.0.73

Copyright:
(c) Download Manager, LLC

Original file name:
Dropbox 2.4.7.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
AirInstaller Download Manager

Language:
English (United States)

Common path:
C:\users\{user}\downloads 2.4.7.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/13/2014 7:00:00 PM

Valid to:
12/13/2016 6:59:59 PM

Subject:
CN="Download Manager, LLC", O="Download Manager, LLC", L=Elkhart, S=Indiana, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2E237E5FB17FCF829CCA0A9B6176FC0B

File PE Metadata
Compilation timestamp:
1/28/2015 2:30:21 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:wbFdxlYmY5Kq2w7R0zUSh8wV1EzwlA5rGnK4S8eci25/RTzt:wZdabezUSh8wV1EzwlUGnK4Sw5/f

Entry address:
0x4D5CF

Entry point:
E8, 4E, 1A, 01, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 40, 4F, 4A, 00, 00, 74, 05, E9, B1, 1A, 01, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA, 01, 75, F6...
 
[+]

Entropy:
7.1199

The file Dropbox 2.4.7.exe has been seen being distributed by the following URL.

Remove Dropbox 2.4.7.exe - Powered by Reason Core Security