home

freedownloadmanager.exe

Free Download Manager

B-softwares.com

The application freedownloadmanager.exe by B-softwares.com has been detected as a potentially unwanted program by 27 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from www.23dn.info.
Publisher:
B-softwares.com  (signed and verified)

Product:
Free Download Manager

Version:
2.1.249.0

MD5:
de617933d009728c1e085bd8acffc2cb

SHA-1:
cee933476dfbaa4eb01ac4c68b96406f356047ea

Scanner detections:
27 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
2/25/2025 11:06:08 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Solimba.1
292

Agnitum Outpost
Trojan.Adware
7.1.1

Avira AntiVirus
PUA/Solimba.Gen
8.3.2.4

Arcabit
Trojan.Adware.Solimba.1
1.0.0.629

avast!
MSIL:Solimba-C [PUP]
2014.9-160418

Bitdefender
Gen:Variant.Adware.Solimba.1
1.0.20.545

Comodo Security
UnclassifiedMalware
23796

Dr.Web
Adware.Downware.83
9.0.1.0109

Emsisoft Anti-Malware
Gen:Variant.Adware.Solimba
8.16.04.18.05

ESET NOD32
MSIL/Solimba potentially unwanted
10.12752

Fortinet FortiGate
MSIL/Solimba
4/18/2016

F-Prot
W32/Solimba.A.gen
v6.4.7.1.166

F-Secure
Gen:Variant.Adware.Solimba
11.2016-18-04_2

G Data
Gen:Variant.Adware.Solimba
16.4.25

IKARUS anti.virus
PUA.Solimba
t3scan.1.9.5.0

K7 AntiVirus
Trojan
13.212.18161

Kaspersky
not-a-virus:AdWare.MSIL.Solimba
14.0.0.344

Malwarebytes
Trojan.Repacked
v2016.04.18.05

McAfee
GenericTRA-AK!DE617933D009
5600.6426

MicroWorld eScan
Gen:Variant.Adware.Solimba.1
17.0.0.327

NANO AntiVirus
Riskware.Win32.Downware.dfsefg
1.0.10.5081

Quick Heal
PUA.Solimbaapl.Gen
4.16.14.00

Sophos
Generic PUA MO (PUA)
4.98

Trend Micro House Call
ADW_SOLIMBA
7.2.109

Trend Micro
ADW_SOLIMBA
10.465.18

Vba32 AntiVirus
AdWare.MSIL.Solimba
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
45948

File size:
107.5 KB (110,072 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\My documents\downloads\programs\freedownloadmanager.exe

Digital Signature
Signed by:
B-softwares.com

Authority:
COMODO CA Limited

Valid from:
1/16/2012 7:00:00 AM

Valid to:
1/16/2013 6:59:59 AM

Subject:
CN=B-softwares.com, O=B-softwares.com, STREET=32 pinglewood, L=brampton, S=ontario, PostalCode=l6p1e3, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B98D17728133C0375F64DD24CB19957E

File PE Metadata
Compilation timestamp:
12/6/2009 5:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:eQIURTXJZeqgKJ+BCuCQdf1X8iHcTqhmS:es9gKDQdN9HcT7S

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.3015

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file freedownloadmanager.exe has been seen being distributed by the following URL.

http://www.23dn.info/FreeDownloadManager.exe

Remove freedownloadmanager.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.