» gang_beasts.exe
Overview
Analysis
File Details
Downloads (107)

gang_beasts.exe

Cilap

Morava Group

The application gang_beasts.exe, “Cilap Setup ” by Morava Group has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.appsfilessafe.com and multiple other hosts.

File name:

gang_beasts.exe

Publisher:

Morava Group (signed and verified)

Product:

Cilap

Description:

Cilap Setup

MD5:

e3799e57eff7ce319e2cdf31e551587e

SHA-1:

923a44b914238c7f54f5e1422fa917da98fa01ea

SHA-256:

ac29f5587c7c429f0ec134cd9d548a60967b64e6ee5bea0f7cc972957b768824

Scanner detections:

1 / 68

Status:

Potentially unwanted

Explanation:

Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:

12/26/2024 1:55:46 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.InstallCore.MoravaGr.Installer (M)

16.5.13.22

File size:

925.9 KB (948,152 bytes)

Product version:

3.7.3

Fast Internet

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\gang_beasts.exe

Digital Signature

Signed by:

Morava Group

Authority:

GlobalSign nv-sa

Valid from:

3/7/2016 12:28:01 AM

Valid to:

3/8/2017 12:28:01 AM

Subject:

CN=Morava Group, O=Morava Group, L=Towson, C=US

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121A83F14C1C6D435814D1A4B9EC949DB5C

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:NH9a0YfN12k11Me/htysP9NLE/MJmPh6L:dRYfN124yghtJDLyMJmh6L

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9339

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file gang_beasts.exe has been seen being distributed by the following 50 URLs.

http://www.appsfilessafe.com/c?x=/HIScItkkBKqgsSmiwD6Nvs0OE2e50RY6yWB9dTdYlE=&c=SD3BCB5ftxRZe1T6LHq4zSUgnnnJ9JruJIFnLdjtddGMtm3lWtW1EdPMT23o9g 274h3ugxNMxvYv6wdDyoc9M6SOKND1 KQg4vfcIunmmVqRT0/.../Ej43gsnpd9XzwoX LWYG8RdBWLE1tJQiDb5BGhEzTz52G0dRWPHRnkOY=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=QUM0zWF1sYrsW1P71 swra2FyYL6ur74sdHqdwIW1c=&c=Nrn1HrPLhJ3vFeJaVRGGxG/0CVUZzo5FCFl9hwaXVkjO3hrJiS82M5E82/MFSw97TdUNz1U 40ubV/.../uhTyLqMAyL13TyC&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=VRAQwndaAmHqjkAb/.../g=&c=az4zWq5R43My1K4ykjDwaf1eSysVpozruqUDn5ACN UzInbMmA4NBLb6rL6AIb3 bHoxKafurLi21PYUVWLIfqXSfTZHpgSFvVqoP PRxpLv0KPdfBvK6IX9iOTiRr8U&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=76hKLqAURZG3 b7UZPSQBuTXOektt842Wr748SNWXp0=&c=F8xaUGfFXzVhgqeVF4n05iHm5V2bevj6eC2sliaHnDd7GqGdtbV52ufI/.../HjIkgQadJ4LhV1aezIKfFG9yXfYfpztNt2pJVR8AnjBH5U2eW4z 9HGvtg=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=EXYZFw/RdtmTZWw3bvs0m3kEr5vobYNZHG 4JM6COdc=&c=9RzZxV2yTRpONEHJjSLby vghW6TQbbxCHKAgT/SCO1Ny4mhwTUK725RhmothFDEUqNN04HpUku6O6bE66/.../S9IJYADloV96kp2l9FGmDwXojtVGZSYJrYWmuODjSeY56K&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../xCtvhfKq5eAKiBeFeBIpKZjcMuYw=&c=EMc91tnJS7Qo3hAw RpfeyHTW0v1M ehliuxMR17jn2ocU7hBEzHTQGjFNCrdEky01oqxSidMrWxD3EkBcXrU8Mv7ytac1i6lnFK4454p019vuKFKBdI2WLQD5BZ4NgA4Np8JnpuqoyLwrsAVoIn8t8VvkGLhqIUHrS9JjX lfg=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=OMRlJTeMVHlNf7e odvTLqzvC3wGhvClG50C8oqLod4=&c=pNhgNZDLTAT29x911AkRPnHwC23qyh9UoPPrnLPMEZsfNEZEMqQTinhKXFS4CeDmg5GQLWABTvJEGSfSds8tgsLXIz8j2Id75TR3yzyDi2WB9SItxP/.../x17ZQL6oi7ZV52AOcR5XtdLMUh55JG0E7BrI9WCdP xk=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../Rld2wsk=&c=TirM7D6Q5gZzEO0OfQrOEHKpK312iuOzOk LPzzRXyjv2PUQ6k iWiqfSOvtD8HIFJ6Bl5OmYzdk2HJVBqSD3hSuV65XLVrMNA0vSehkAYgLXtmItg7EbyEUUO38pooQ&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=a0ZNqigLdsHoUO0S9slOd sUGwayUSPsp0MPWoB73Lw=&c=CKo2MEojzsTLq0Im4ECkiVbN4THZgaKNNgJTWNO6z2Bz3mFGv0sqx2Nz8ctIOXlmyRJRtAKXfHm30q94uC8h7GXmIjRtIy5MLDLz16 qsLTWUi6xax0u koyZsMFdCDzhW9cQ/.../QcTHaDaQrTmSCCiQ1VPa7Q6Y7y GNPZxLUryulWo1&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=LzDCJ DzY1uPyPeROVPHzh2TB0xOH8bF/m02le9acuI=&c=yEXvSUCswm2i5Il/AFABjYQ/xW8XB6iTKc S/ZArFMdiSFB96tG YdCNGrbu5o79Ak9L/07/.../Qykq61 WbhjOeNU=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../bu8J51oUiZJqJv O5hVGnoiq5C6hv5lWsoftNrP9vboNQdzV3HZQtR8Q6P580TBMYkCCY11lHw=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../O95K BAxt8Ev6IdAFHGQoYrFoOThSKKI8KYqtl MhwXxk66S2KrsbOrvO6EUo=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=lTlJX LPR8Z8ISM5a7jnuXi0uvt96TNXJFnWJN/VuQE=&c=eyU75gYY2mBYvrg 5JGwRnP6LfM Zmso3in4ro8rf0hffLRuOe 16/.../XK7DQ5qIhduU5Z72fjvrZpSu1KxrGLumgOI4arOVQgkNNQNxGH8cKFR2B4ZGHzMjxF9Qp2j83jXfjJSzbp84v9V3Y2EJ40kfWU37hok=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=hpdjTuaodQkXFBJFPRs9eELCmkz4Gt6bA4aYGa5yKSE=&c=QoiQsPQXlMh ZG9iyq6tJdcDNEqQNsHHwYw5EPY3BEGx0XK7y0hhdncUCDKlw9KHNqvMvUYprzcAE68DrKMfQkgfW/WsTvski6hiJP/Nj7ayNoempp4xID6CDh7teTmhWw9btqW7JNgZo6iNr5lTXSZs2mcX3BZTD1BBuYSUVJTtN wQV2/.../CkfJ1gTY7D&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=o68Qk lkPeOvlGX lTRv/7GnkB/f36x8RoS60mLHnvo=&c=GXGAGeyQDU5jsdyn79ovZqxp9YA1ruzJubs9yWZ 2kVNqTwQOsPwsW mazYG9WmYfx/.../kIRAREyyPIZckGCBRBGeGy7DXMOhWevZ&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=lV/K74AkIxvrn0qM7sCHcwZ0wn3XvCkf2kktb30PtkE=&c=OYn43Jn0PVWShOrZkDh0xfieVKASXn qd62Nia3cGRVT5kDGtMvl6 VYp7SwsRC2HsA/.../nQA197VH8kpA0Sr2o3LdjxumqgVrYTraz724AOSzkwACAtHhk=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=makHvQxlMLmWAHiKcdXzKT4NMdqoR2xP83OMFZHxLCs=&c=QtfnFdj5diD4pl6JJUcr2zRA/TBax4v5djUjcqG0m frlLDV5XLr/Xtvagw4dmW7go49bOVU 1BRePWfpT3k/.../whE4AaOewJ4Im5Os6XeQPrp2qW3WWuTfYWKM7blfy 9QY=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=ZDGMf p4v50FQadrOcx8vliMda8anhOtO/.../DkRkYV6pfNzaTKX6I9NkDUrJOcDCcdFGhCDUuBybfmataE3wjgekYHrPkDnkeRLLZItokfTclU1STWJIchK29wC4wQ3I2rnObMzoIaPxGM7JtEsgIueufBIfPquU6aQvZAhZXREvS5LNPW7o3mhJ3Us=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/.../3LgyCZJeFmsh5Fs=&c=E8mTmkLAdEIAFlS2ar3Y2rRVZfYRKuQOPvv6WxvgulAJHHDG8938wMpN9Ks3GBx2MgqBCJr6kJyxuV7VTRBUHfxFYGC228aHLpFmLIGI94ntjJOu KmFCR7KlDMJ1mlz&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=FnhgA23F t40CYPscRGMLccGNMI35U9tAOAHXfR1dhQ=&c=gisd0RtSXsc5StvBWb0v21pHnosbxNBc2ATqg7tP 9Bq/KvNMG6/I QLEypV NGJo5Td4YCVb9krbj 68f6LTOcbA4V1r/.../FqTaILUcxau2uoMZSU0m09mvos=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/WVl6OTRQWFpIUWlVeVFsZEJPRTlWUTJwMFFpVXlSakkwYlhselZpVXlSbmMwTVdWSFpsVktibXA2VXlVeVJsVm1ibGh6Ym1FeWJ5VXpSQ1pqUFZJMlYxTldZM2R0UzBkeFpIVlNVR3RVZFROUlNrdHFaMnBzZWpKcWJXMDVSbmRUZGlVeVJucENSREJ6V1dNNE1HUTNVR1oxY1RkWE5EUjVZVEJFUjJaSk1rRllWbG93UlZjMVZUZFpKVEpDTWxCRVVXNDJURzlPTTFoNVdtcFZNRVJsT1V0RFdqRkpOemxpVmxKWUpUSkdORXQ2Y1ZOa1pXZ3lhM1JJYVRoaFJVRnJPRFk0T0hnME1DVXlRbTlzZGxoRU0yMVlkelV5Y20xeE1XZDNKVE5FSlRORUptVTlNQ1prYjNkdWJHOWhaRUZ6UFdkaGJtZGZZbVZoYzNSekxtVjRaU1ptWVd4c1ltRmphMTkxY213OVJtRnNiR0poWTJzclZWSk0=

http://www.appsfilessafe.com/c?x=7HYkTyejxvVTXAJ59OpmucVuxLjyWqERdSR66HY5PMQ=&c=Nb0SLAthjEG0APMsdAr9Om4kzvMoqX0tkT8vrNI4gN0UTiuTK3WjMltYI2F4Mn8steFaGY/.../FkIsxXkbRM4P5J 5el qSTFy312b42nHbgXZo41ed5EnNkT6JwhGPb5Pc9Pw2lXYgWRRZJGT1KybSXo=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=9Ar8BxyCIlP2ODmdhFwaw/Zsne2KHovENsm78mD1bh4=&c=9eA5ixclR5/nDzLvFPAEVV2Hln4Ip0Qu/DmppADHUE Neb4OBcvDSjEp6qLTinJLN 8E6EwL/.../2k1haA dSmZH3 ymZnVyuTSlCdicoTX4pNplItbzMCTwgQbvL8WUhCPk9c=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=WvJIRx41cYn/0Rn3gSfwlwY1zgkZulCarTAW7HcPjnk=&c=yghjHop2Way4ebgrfpvRq/.../88wZAjkFrU12YM7TOi6L0ztyM6iOmPlGRECKSyUMybl0Zulzc71H10763iTQVHj xMS7o8iQBn72YtOzFbw pbmUw7tGcqAFR95n9yQypF4i32IFtujNtYXMKc&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=RODS4tnAg9ISx7v4bXikjhctALJrgIwTQcZWMY2c2jI=&c=ZqsUiw0 Vqna/FZgO3 g34OK0qLAGDBTDFN2mHU5bAHCTdC w1PBRtV1sXX9yIKziokxJAoRb1Tjg36U7UpwLSRKK704gdpTt4AmtIpiSJaCzjFHgR6A/.../jGp2KwMEnV4Bdi9Bmqc5W9OqyJtHHN75ILIoDmY=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=KD/zcQf2VF0M2Rn9F1QWfFkv88dPEccn0Mw2ZGvBH M=&c=dqlwk 5A wpiW2/nVCeoI9HI/.../0T4pGjB2VZ8tphw0hOsmjxcYnQw8KKl0r1LPtVu 7divhVD84OACn5gkn2jI97ObCw=&e=0&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=ioZ6pZac5/ dyrNheY/.../RMg2zyJaQXVGxQqS0aEKF36ovkhBdyZd3UuANkoFHFd2UF0s0zpTnQ7NNWWfiyuZw87zaHPI&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=uk1Vm9148Hnsrn8m97dDwg1XW5 3OfKCEUvJo50G5 A=&c=Yz4iCjX3tclxBsRJ0f4zkrVVOCmWyTxogjkIaoZS2OtFz9 tw2ml74Pq5dO0JNz/w8z9yx91pu/.../m3QYh1DCM2rdhhs&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=GK6l5e1BAHFnqOsRItVG0EVY9JaSYUKNaXP/.../gw TA=&c=Erf6zc9lfmHltBY8 laHtpfpy62ruqO6Cqnz NUIMYN7cMbTxmZNgxJKMC 3IpMqqmJ60DfHPsmqKQUS0Ys4hVboJu8tmNPe1PA1Gfc6H6JMJjU7TM7waCPyePLn IUD&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

http://www.appsfilessafe.com/c?x=bqXLkQTtQhg0ipDB6Z x6ax Zmt389dqiRTFKg 9h E=&c=K6wDagw4SBAmQ0LeTMuwBt7VbEd Mu0cW5dclO7mqSPM5VMK5UAPu2Wxh4menkfF9Rzsq3b6OCuUG1vpvXuxMarutryzJ6kvWRIFG F6JyzGeyOLp3oyg81 a4CL7ttn&downloadAs=gang_beasts.exe&fallback_url=Fallback URL

Latest 30 of 107 download URLs

Remove gang_beasts.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.