home

formula 1 gta vice city_10924_i3017012_il345.exe

Runner Utility

BERSHNET LLC

The application formula 1 gta vice city_10924_i3017012_il345.exe by BERSHNET has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
91e6f0798f925d92cfba236b61e42977

SHA-1:
08c1e7d939e7f135b8c6f8ae6599793b16e27beb

SHA-256:
b48dd414270afcc52c54b31a342c4ab40cf3e79375815ad2087038b6d98e7958

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/23/2024 6:46:08 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonitize (M)
17.3.14.5

File size:
1.5 MB (1,534,992 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\formula 1 gta vice city_10924_i3017012_il345.exe

Digital Signature
Signed by:
BERSHNET LLC

Authority:
COMODO CA Limited

Valid from:
2/6/2015 1:00:00 AM

Valid to:
2/7/2016 12:59:59 AM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
4/27/2015 3:13:08 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x26CC7C

Entry point:
60, C7, 44, 24, 1C, E1, 91, 82, 13, 55, E8, B9, 16, 00, 00, 89, 45, DC, 0F, AB, FA, FF, 74, 24, 04, 89, 45, D8, 80, F2, CA, 89, 45, EC, 66, 89, 44, 24, 08, 2D, 01, 00, 00, 00, 08, FE, 0F, A4, D2, 14, 89, 45, E8, 66, 0F, BC, D4, 27, 9F, 66, 0F, BD, D1, 89, FA, FF, 74, 24, 08, F6, DC, 2B, 55, 0C, E9, F3, 65, 0D, 00, 8D, 64, 24, 0C, E8, A1, 69, 16, 00, 60, E8, 7B, CF, 0D, 00, D0, E6, F9, D2, C1, 8A, 0C, 38, 8D, 64, 24, 08, D0, D4, D2, FE, F6, D8, 00, C9, 98, 66, 0F, BE, C2, 0F, 92, C6, 57, 8D, 84, 93, 00, 04...
 
[+]

Entropy:
7.9939  (probably packed)

Code size:
187.5 KB (192,000 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.