gang beasts-0.0.3.exe

Gesamubosi

Parsec Media S.L.

The application gang beasts-0.0.3.exe, “Gesamubosi Setup ” by Parsec Media S.L has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.senddeliveryshare.com.
Publisher:
Parsec Media S.L.  (signed and verified)

Product:
Gesamubosi

Description:
Gesamubosi Setup

MD5:
b5f63faa2955b9e5dd51bb0df03baba5

SHA-1:
44b525ed3d3ff32769b0702451e3f773a4821ea5

SHA-256:
b5e53dc845be081c7704944fcf8eb6cb50d625f233e16f1311e34c899028007a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/27/2024 4:45:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore (M)
17.3.4.9

File size:
1.2 MB (1,259,512 bytes)

Product version:
2.4.8

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\gang beasts-0.0.3.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/20/2016 5:02:38 PM

Valid to:
1/20/2017 5:02:38 PM

Subject:
CN=Parsec Media S.L., O=Parsec Media S.L., S=Barcelona, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121664972E6D57B8AC3433073871EDF1FEA

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xAA98

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 2E, 86, FF, FF, E8, 35, 98, FF, FF, E8, 9C, 9B, FF, FF, E8, B7, 9F, FF, FF, E8, 56, BF, FF, FF, E8, ED, E8, FF, FF, E8, 54, EA, FF, FF, 33, C0, 55, 68, 69, B1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 32, B1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, D0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, C2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, 24, 93, FF, FF, 8D, 55, F0, 33, C0, E8, 66, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
40.5 KB (41,472 bytes)

The file gang beasts-0.0.3.exe has been seen being distributed by the following URL.

http://www.senddeliveryshare.com/CsOwRRzX7OAiutltYN69cY51erpS9KP2mCVGAfXj0 g6CLyibdjo9Yfe_1_61xbJwhux2OM24dDdcF4_PaK6GbMIYKKzpmDU7qOL05hLEb3 ndL5Ag1CNb7jNxB6Gf2CrMLRLmnrkhrboekV8ghrbtSUCVXvfoNeQeWGkMR_qvzVkRLQvri7AW23prXsQX4zwPEiTAMepcXZ2lyYOVRopg088R9LrfamwH mBIsoYXQoYeIHpd7Oy0GQd7EbkpIBumVGFdNKHw6MYWHXGyXdTfhuH0QXKN2KfqQvXnZ4unIOxWzLYCAPzhUSzi5laY7HuDf7ZLadyJV8LhFmkdT5JgCSSzEpM6jUlYA1uXCcZd3UEnVw4 zQEpFrQiHuYf8yDu8ArHJfYZPpypLF8oFSQhEUKxOgMaDaBwBxqmMJLyH_F4T05cnd0JeUaaI15FO62 pX56UYgRFEMJmnxZko12o7ejMqPg==-G0cAAERP1pLoTIiKktkeJYVO7npQuzy4tkAKLPAY5nR8SxK_cYHmQI5GkXpY86teng0_kxCsk_D0gk8=

Remove gang beasts-0.0.3.exe - Powered by Reason Core Security