» garbage.bin.comics_10924_i68074156_il345.exe
Overview
Analysis
File Details

garbage.bin.comics_10924_i68074156_il345.exe

Adobe Download Manager

LLC BUDІMEKS

The application garbage.bin.comics_10924_i68074156_il345.exe by LLC BUDІMEKS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

Adobe Systems Incorporated (signed by LLC BUDІMEKS)

Product:

Adobe Download Manager

Version:

2.0.0.65s

MD5:

206b77b492d242de246cc45865fd08c8

SHA-1:

954800a9d14a2552266164702e484bd3e716c96b

SHA-256:

c6d16d51bdcf5cb2f93d1e14f7487d5f24ee15f00ebd595614a59b02953fc8b1

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/6/2024 7:45:19 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonetize.Bundler (M)

17.2.28.23

File size:

900 KB (921,616 bytes)

Product version:

2.0.0.65s

Original file name:

Adobe Download Manager

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\garbage.bin.comics\garbage.bin.comics_10924_i68074156_il345.exe

Digital Signature

Signed by:

LLC BUDІMEKS

Authority:

COMODO CA Limited

Valid from:

8/27/2015 5:30:00 AM

Valid to:

8/27/2016 5:29:59 AM

Subject:

CN=LLC BUDІMEKS, O=LLC BUDІMEKS, STREET=Cvitna 34, L=Gorodockey area Galichani vilage, S=Lvovskaja, PostalCode=81523, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E9F1B23ADDECC133378F48EBB20F9E3D

File PE Metadata

Compilation timestamp:

10/7/2015 2:52:48 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x16138F

Entry point:

68, 46, 19, C3, 0E, E8, 3E, 00, FE, FF, 7B, 33, D7, 15, 97, 9D, FB, 45, 4D, 21, B2, E6, 5E, 0F, DF, 67, 1B, 8C, 5B, 53, 4D, 94, 07, A1, AC, AA, 7A, AE, 34, 09, 58, 91, F3, 5B, 53, AB, F4, 94, C8, F6, E0, 30, B3, A1, AC, 12, 24, 31, 34, 09, 7E, A2, 32, 34, 09, AA, D4, 72, 34, 09, 04, FD, F8, 37, 09, D7, 77, 82, 5B, 53, 33, F7, 50, A4, AC, 92, E2, 63, C0, BD, D9, 37, 09, 61, 34, 5B, 53, 2C, 62, 9C, 3F, 79, E6, A4, AC, D3, 33, 34, 09, A5, F4, 2E, 34, 09, 76, 5E, 5F, 53, 5C, 99, 3B, CB, F6, 07, 36, A4, AC, B5... 
[+]

Entropy:

7.9113 (probably packed)

Code size:

860 KB (880,640 bytes)

Remove garbage.bin.comics_10924_i68074156_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.