grp 2015 online beta 0.4 torrent.exe

SARKARA-GRUP LLC

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application grp 2015 online beta 0.4 torrent.exe by SARKARA-GRUP has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the OutBrowse Revenyou installer.
Publisher:
SARKARA-GRUP LLC  (signed and verified)

Version:
1.0.0.0

MD5:
97e19a2363e14dc87a98e198dcfaa3b3

SHA-1:
be2b85a600f3b95cd6b06f38ec43a78ed9d5e7bc

SHA-256:
42f5ae3009edcb62ce548aaa9e2664075fd2a8419c548d8a61c431e7fd6b3992

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware, which is a downloader designed to simply deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/25/2024 6:31:50 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse (M)

Engine version:
16.10.16.15

File size:
5.1 MB (5,345,088 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou

Common path:
C:\users\{user}\downloads\grp 2015 online beta 0.4 torrent.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
12/2/2014 4:00:00 AM

Valid to:
12/3/2015 3:59:59 AM

Subject:
CN=SARKARA-GRUP LLC, O=SARKARA-GRUP LLC, L=Kyiv, S=Kyiv, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
796A7EBB47570CA680BE9B9D828F2CC4

File PE Metadata
Compilation timestamp:
6/20/1992 3:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:ec0pnjK+FKU3eBsokkWwDwjvSSCP+7MxYRQRu5i2U3Go5vo5bxT8liMZ13GLz+Ec:4jKJaBokqDFSv7Mxvu5i2uGo5vYbxrMv

Entry address:
0x751AE0

Entry point:
60, BE, 00, C0, 6F, 00, 8D, BE, 00, 50, D0, FF, C7, 87, A4, 10, 37, 00, 90, 1F, 40, DE, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
4.3 MB (4,546,560 bytes)