garena shell hack tool downloader__3687_i1781487554_il1975267.exe.gz

The file garena shell hack tool downloader__3687_i1781487554_il1975267.exe.gz has been detected as a potentially unwanted program by 7 anti-malware scanners. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented depend on the PC's geo-location at the time of install. The file has been seen being downloaded from www.mark10hill.info and multiple other hosts.

MD5: 0b967f54fd027dae8d846484f92436ad

SHA-1: 9a3d5884dd7ff258f42b8dd8a44ff6abdd1d163d

SHA-256: c77be53c1023ae2e11e2a4f352ef81e515846b29fdb62ceb64d8b1ca9b113f16

Scanner detections: 7 / 68

Status: Potentially unwanted

Analysis date: 11/15/2024 12:42:49 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | ADWARE/Amonetize.Gen | 8.3.2.4 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-151213 |
| AVG | Generic | 2016.0.2897 |
| ESET NOD32 | Win32/Amonetize.MZ potentially unwanted application | 7.0.302.0 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 15.0.0.562 |
| McAfee | Trojan.Artemis!EE5DCD2A501F | 18.0.204.0 |
| NANO AntiVirus | Riskware.Win32.Amonetize.dzbkzd | 1.0.10.5081 |

File size: 744.4 KB (762,236 bytes)

Common path: C:\users\{user}\downloads\garena shell hack tool downloader__3687_i1781487554_il1975267.exe.gz

The file garena shell hack tool downloader__3687_i1781487554_il1975267.exe.gz has been seen being distributed by the following 9 URLs.

http://www.mark10hill.info/?vn=1.1.5.26&campid=3687&prefix=Archangel Kendra Lust Kendra L Downloader&getid[thankyoupage]=http://.../?success&getid[interrupted]=http://.../?cancel&ti1=1976198396&getid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1976198396.exe&appname=Archangel Kendra Lust Kendra Lust Is True Lust Sce Downloader&getid[cmdline]=&getid[appimageurl]=http://.../logo.png