FreeISOMount.exe

Free ISO Mount

Rspark LLC

Part of the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application FreeISOMount.exe, “Free ISO Mount Application” by Rspark has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Free ISO Mount by Media Freeware which is a potentially unwanted software program.
Publisher:
Rspark LLC  (signed and verified)

Product:
Free ISO Mount

Description:
Free ISO Mount Application

Version:
1.0.0.0

MD5:
0ab5eddd4ea47a119d1cca6ef3dad3c0

SHA-1:
b25fd98a69fa0f91c2d12cdd33376b27201e43f1

SHA-256:
ce56acc895428e680750a3be343f95bb563aa72feec70a77ef0f55a8beb12480

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 12:49:41 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Rspark.M
14.4.10.3

File size:
377.8 KB (386,856 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013.

Original file name:
FreeISOMount.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\free iso mount\freeisomount.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
11/25/2013 8:00:00 AM

Valid to:
1/26/2015 8:00:00 PM

Subject:
CN=Rspark LLC, O=Rspark LLC, L=Seattle, S=Washington, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0969FC9F3451C04483AE5CCEADE9FC13

File PE Metadata
Compilation timestamp:
12/8/2013 4:09:07 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:0yKpFXLXxF2UWx2RstqNSL2M9R9bUdc8eg9lo/JBrx/rNGOUiS:+FXLz2UI2zNSLv9Rkc8egcBrx/rNb4

Entry address:
0x5BDC

Entry point:
E8, EB, 27, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 38, 73, 41, 00, 89, 0D, 34, 73, 41, 00, 89, 15, 30, 73, 41, 00, 89, 1D, 2C, 73, 41, 00, 89, 35, 28, 73, 41, 00, 89, 3D, 24, 73, 41, 00, 66, 8C, 15, 50, 73, 41, 00, 66, 8C, 0D, 44, 73, 41, 00, 66, 8C, 1D, 20, 73, 41, 00, 66, 8C, 05, 1C, 73, 41, 00, 66, 8C, 25, 18, 73, 41, 00, 66, 8C, 2D, 14, 73, 41, 00, 9C, 8F, 05, 48, 73, 41, 00, 8B, 45, 00, A3, 3C, 73, 41, 00, 8B, 45, 04, A3, 40, 73, 41, 00, 8D, 45, 08, A3, 4C, 73, 41...
 
[+]

Entropy:
6.0964

Code size:
65.5 KB (67,072 bytes)

The file FreeISOMount.exe has been discovered within the following program.

Free ISO Mount  by Media Freeware
The installer uses the OutBorwse download manager to bundle additional adware during install including Conduit Search Protect, Yontoo PlurPush, SysTweak and other toolbars and potentially unwanted software utilities.
www.mediafreeware.com
72% remove it
 
Powered by Should I Remove It?

Remove FreeISOMount.exe - Powered by Reason Core Security