free sid meier alpha centauri download_10924_i44583809_il345.exe

Runner Utility

BERSHNET LLC

The application free sid meier alpha centauri download_10924_i44583809_il345.exe by BERSHNET has been detected as adware by 19 anti-malware scanners. It is a setup program used to install the application. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install. The file has been seen being downloaded from files.red-1-small-button.com.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
afd1ccc3a49ba0d28de2a73213950a76

SHA-1:
7d2fb74ee3eef588e205402194873cb0d22d71b6

SHA-256:
0d542cb4020d3298849d2b83d3170092a58d41b87816352a475be8a79db8f848

Scanner detections:
19 / 68

Status:
Adware

Analysis date:
11/5/2024 12:55:58 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Mikey.8247 | 6566297 |
| AhnLab V3 Security | Trojan/Win32.LoadMoney | 2015.03.19 |
| Avira AntiVirus | ADWARE/Adware.Gen7 | 7.11.218.106 |
| AVG | Generic | 2016.0.3166 |
| Bitdefender | Gen:Variant.Adware.Mikey.8247 | 1.0.20.390 |
| Comodo Security | Application.Win32.LoadMoney.IARS | 21460 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Mikey.8247 | 9.0.0.4799 |
| ESET NOD32 | Win32/Amonetize.DW potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/S-40484255 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.Mikey | 11.2015-19-03_5 |
| G Data | Gen:Variant.Adware.Mikey.8247 | 15.3.25 |
| K7 AntiVirus | Unwanted-Program | 13.201.15310 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 15.0.0.543 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.03.19.05 |
| McAfee | Trojan.Artemis!AFD1CCC3A49B | 16.8.708.2 |
| MicroWorld eScan | Gen:Variant.Adware.Mikey.8247 | 16.0.0.234 |
| Panda Antivirus | Trj/Genetic.gen | 15.03.19.05 |
| Reason Heuristics | PUP.BERSHNET | 15.3.19.5 |
| VIPRE Antivirus | Threat.4785227 | 38552 |

File size:
1.5 MB (1,594,384 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\free sid meier alpha centauri download_10924_i44583809_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/6/2015 1:00:00 AM

Valid to:
2/7/2016 12:59:59 AM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
3/17/2015 12:03:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:DZix47lUf+c1s5Uv2S35VESveudSrJ7kvx3yynVZu:DYx47UN+UroSveugO53zVI

Entry address:
0x3FB285

Entry point:
51, 9C, C7, 44, 24, 04, 01, 7F, C9, 5E, 66, 89, 34, 24, C6, 04, 24, F0, C7, 04, 24, 4F, DC, 6A, C1, 68, BA, 28, 35, DC, 9C, 8D, 64, 24, 08, E9, 11, 6E, 00, 00, DC, A2, 82, DE, FA, 7F, A0, 96, C7, 84, B7, E5, 7B, EA, 50, BE, F1, A3, C1, A4, 2D, A1, 91, 5B, 60, 50, F8, 67, 13, FF, 94, AD, 86, 29, 59, D9, AB, 20, E7, E2, D6, A8, 73, 7A, 8B, 0D, 17, 93, 3E, 6F, 60, DF, 0E, AE, 6E, 0F, 25, 93, 3E, BD, FD, AB, 8F, C0, 38, 7D, 65, E8, 4A, 9F, 83, 5A, EC, 5B, 47, 5B, 83, 06, 2A, 36, 02, 5E, 72, F7, 27, FB, 13, 4F...
Code size:
187.5 KB (192,000 bytes)

The file free sid meier alpha centauri download_10924_i44583809_il345.exe has been seen being distributed by the following URL.