error missing ilok authorization fo....exe

safe click LOL

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application error missing ilok authorization fo....exe by safe click LOL has been detected as adware by 9 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. According to AVG, this software downloads additional adware offers during setup.
Publisher:
safe click LOL  (signed and verified)

MD5:
fa6baa5221fca5b7c74ae2c9ed40c5ca

SHA-1:
0f1e1b44a581bfc72de7b97c842ddc88992a25af

SHA-256:
cebebb0c5d8069dedb83d99ef03f2eee8e476d1127a7d3df8583fb045378b85b

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 6:04:28 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.OutBrowse
2015.02.08

Avira AntiVirus
APPL/Downloader.Gen
7.11.208.148

AVG
Downloader
2016.0.3205

Comodo Security
Application.Win32.AltBrowse.HY
20997

ESET NOD32
Win32/OutBrowse.BU potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/OutBrowse
2/7/2015

Malwarebytes
PUP.Optional.OutBrowse
v2015.02.07.04

Reason Heuristics
PUP.Outbrowse
15.2.18.17

Trend Micro House Call
Suspici.B4D1CBB0
7.2.38

File size:
574.9 KB (588,664 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\error missing ilok authorization fo....exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
2/3/2015 1:00:00 AM

Valid to:
1/28/2016 12:59:59 AM

Subject:
CN=safe click LOL, O=safe click LOL, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
4FDE5AD324E269DA8C09C2F4DC8B70AF

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:/vjzefB0QXBBbBfI8pRlD0XqQajf5M4/qydNz4ecdaE8hUy+jLz:/rzenXBBbBzLV0aR5MmJdNMeegy/

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Remove error missing ilok authorization fo....exe - Powered by Reason Core Security