home

grand-theft-auto-5.exe

Installer App

PremiumBeam (New Media Holdings Ltd.)

The application grand-theft-auto-5.exe, “Installer App Setup ” by PremiumBeam (New Media Holdings) has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer.
Publisher:
Web Internet   (signed by PremiumBeam (New Media Holdings Ltd.))

Product:
Installer App

Description:
Installer App Setup

Version:
4.1.1.0

MD5:
fdffa2570a3cf54a38c73bb8a25c8691

SHA-1:
8ea544bf95587daab0bab04926f78ea8bdc025bd

SHA-256:
2065beb2e4fc9bc834826ca00767ca6d2ca27f866da3a6089abcb5f1a8c91127

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/24/2024 4:06:31 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.NewMedia.NMH (M)
17.2.6.4

File size:
943.7 KB (966,368 bytes)

Product version:
2.5

File type:
Executable application (Win64 EXE)

Bundler/Installer:
installCore

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\grand-theft-auto-5.exe

Digital Signature
Signed by:
PremiumBeam (New Media Holdings Ltd.)

Authority:
GlobalSign nv-sa

Valid from:
4/22/2015 10:45:10 AM

Valid to:
4/22/2016 10:45:10 AM

Subject:
CN=PremiumBeam (New Media Holdings Ltd.), O=PremiumBeam (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B4B9A4DE84F00FFF235BFDBE17F0C49A

File PE Metadata
OS bitness:
Win64

Entry point:
50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, 64, 12, FF, 40, DB, 1B, E9, 00, B0, 7E, 12, 00, 00, 00, 2A, 00, 0D, 00, 00, 00, 49, 56, 53, 41, 53, 65, 74, 75, 70, 2E, 65, 78, 65, E4, 5C, 0B, 90, 1D, C5, 75, BD, EF, 37, F3, BE, AB, 9D, 7D, BF, DD, B7, 92, DE, D3, FE, 34, 7A, 4F, 2B, 56, BB, D2, AE, 24, 48, 90, F8, 47, E6, 67, B0, 40, 02, C7, 42, 48, B2, 2C, 7E, 23, E6, 49, 09, B0, 96, 2C, 6C, 63, 1B, 63, 84, E2, 7C, BD, 31, 36, 41, E0, D8, 89, 1D, 8C, B1, 1D, 19, 42, 30, 81, 24, B6, 31, 09, A4, 30, D8, 80, D6, E0...
 
[+]

Entropy:
7.9998  (probably packed)

Remove grand-theft-auto-5.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.