home

finding fish chapter 2 summary_10924_i701237_il345.exe

Runner Utility

BERSHNET LLC

The application finding fish chapter 2 summary_10924_i701237_il345.exe by BERSHNET has been detected as adware by 20 anti-malware scanners. This is a setup program which is used to install the application. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from files.red-2-small-button.com.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
4541e5adc979ed5257181d1cd07a3e16

SHA-1:
cb54b7bb330ec06cf564789670ea867ab2a0244d

SHA-256:
eac754f222d37b497d548cad884604f0f4b956b8f0cc6c9ae574e86444786c5b

Scanner detections:
20 / 68

Status:
Adware

Analysis date:
11/24/2024 12:03:42 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Kazy.597397
487

AhnLab V3 Security
PUP/Win32.LoadMoney
2015.04.20

Avira AntiVirus
ADWARE/Adware.Gen7
3.6.1.96

AVG
Generic
2016.0.2965

Bitdefender
Gen:Variant.Kazy.597397
1.0.20.1390

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
Application.Win32.LoadMoney.IARS
21823

Dr.Web
Trojan.Amonetize
9.0.1.0278

Emsisoft Anti-Malware
Gen:Variant.Kazy.597397
8.15.10.05.10

ESET NOD32
Win32/Amonetize.DW potentially unwanted (variant)
9.11498

F-Prot
W32/S-53544127
v6.4.7.1.166

F-Secure
Gen:Variant.Kazy.597397
11.2015-05-10_2

G Data
Gen:Variant.Kazy.597397
15.10.25

K7 AntiVirus
Unwanted-Program
13.202.15641

Kaspersky
not-a-virus:Downloader.Win32.Agent
14.0.0.1320

Malwarebytes
PUP.Optional.Amonetize
v2015.10.05.10

MicroWorld eScan
Gen:Variant.Kazy.597397
16.0.0.834

Panda Antivirus
Trj/Genetic.gen
15.10.05.10

Reason Heuristics
PUP.Amonitize.BERSHNET (M)
15.10.5.22

VIPRE Antivirus
Amonetize
39486

File size:
1.4 MB (1,515,536 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\finding fish chapter 2 summary_10924_i701237_il345.exe

Digital Signature
Signed by:
BERSHNET LLC

Authority:
COMODO CA Limited

Valid from:
2/5/2015 6:00:00 PM

Valid to:
2/6/2016 5:59:59 PM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
4/19/2015 9:13:08 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:HkwqGUuYZ5Hlx1fvvF4Mh0i/N+SsW5gf5zJsCJOKe1wRdQ4pyBlaT0nLbGojX0GQ:CGUu0FlX3F10iF+Sf5gf1ZOK8EsOAnLw

Entry address:
0x3CD480

Entry point:
60, E9, 68, BF, E9, FF, E8, B6, 0A, 00, 00, 66, 0F, BE, C2, 66, 0F, B6, C1, E8, ED, DE, F1, FF, 0F, 93, C0, 66, 0F, B6, C2, 8D, 05, 34, 40, 7C, 00, 68, 4C, 2B, 3C, D5, E8, 1D, AC, E9, FF, 33, CB, 14, B8, EF, 94, 78, 09, 01, 3D, 5A, A7, BB, 32, DC, 83, DF, A6, C4, CB, EB, F2, 10, 77, 2F, 06, 48, BF, 0C, ED, 62, EF, C3, 2A, 93, DF, BD, FF, 7F, 79, 45, B2, F3, 27, F3, B7, 23, 1B, 81, 42, 13, 6C, AE, DA, 01, A9, C0, 05, DB, B8, 02, 0F, 84, 92, DC, E1, 61, 80, 1C, 45, C5, 94, CD, 0C, 94, 9B, F9, DA, 55, 72, F4...
 
[+]

Entropy:
7.9942

Packer / compiler:
ASProtect v1.1, 0xBRS

Code size:
187.5 KB (192,000 bytes)

The file finding fish chapter 2 summary_10924_i701237_il345.exe has been seen being distributed by the following URL.

http://files.red-2-small-button.com/p/.../Finding Fish Chapter 2 Summary_10924_i701237_il345.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.