gta-4-crack.exe

Protected Downloader

Zugara Investments Limited

The application gta-4-crack.exe, “Protected Downloader Setup” by Zugara Investments Limited, has been detected as adware by 17 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been observed being downloaded from dla.uloz.to and multiple other hosts.

Publisher:
Zugara Investments Limited   (signed by Zugara Investments Limited)

Product:
Protected Downloader

Description:
Protected Downloader Setup

MD5:
f8406141bb9c8f3d03637f9aa1098c8a

SHA-1:
0188c1ae80ab6418a2f861c8cb6c62aa12ab80c0

SHA-256:
ed8c9ac1faf2a1f86ef6962e5a87c13745b16cfba7450eac0acac4747f75acd5

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
11/24/2024 8:57:08 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | ADWARE/Zugara.boeb | 8.3.2.2 |
| Baidu Antivirus | PUA.Win32.VMDetect | 4.0.3.15923 |
| Bkav FE | W32.HfsAdware | 1.3.0.7237 |
| Comodo Security | Application.Win32.Zugara.BA | 23288 |
| Dr.Web | Adware.Downware.6417 | 9.0.1.0266 |
| ESET NOD32 | Win32/VMDetect.F potentially unwanted (variant) | 9.12296 |
| G Data | Win32.Adware.Zugara | 15.9.25 |
| IKARUS anti.virus | AdWare.Zugara | t3scan.1.9.5.0 |
| K7 AntiVirus | Unwanted-Program | 13.210.17306 |
| Kaspersky | not-a-virus:RiskTool.Win32.VMDetect | 14.0.0.1382 |
| McAfee | Artemis!F8406141BB9C | 5600.6633 |
| NANO AntiVirus | Riskware.Win32.VMDetect.dtqptk | 0.30.24.3283 |
| Panda Antivirus | Generic Suspicious | 15.09.23.04 |
| Qihoo 360 Security | Win32/Virus.Adware.8b7 | 1.0.0.1015 |
| Reason Heuristics | PUP.ZugaraInvestments.Installer (M) | 15.9.23.16 |
| Sophos | Generic PUA AB (PUA) | 4.98 |
| VIPRE Antivirus | Trojan.Win32.Generic | 43988 |

File size:
1.2 MB (1,224,040 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\gta-4-crack.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/10/2014 2:00:00 AM

Valid to:
7/11/2015 1:59:59 AM

Subject:
CN=Zugara Investments Limited, O=Zugara Investments Limited, STREET=Naousis 1, STREET="Karapatakis Building, Suite 2, 4th floor", L=Larnaca, S=Larnaca, PostalCode=6018, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0F61CE2AF8431A752FBA5F8EC235BDB0

File PE Metadata
Compilation timestamp:
1/30/2013 3:21:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:OxGjJqUCTukz8RYAIW5TUO/QIrHux8eaJOPKlsML:z4Z8RYAIErG8dhKq

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file gta-4-crack.exe has been seen being distributed by the following 15 URLs.
