» gta_s_andreas_v1.05-gorpaki.apk.exe
Overview
Analysis
File Details
Downloads (1)

gta_s_andreas_v1.05-gorpaki.apk.exe

Imbernes Premium

This belongs to a Solimba product that may be bundled with additional PUPs or may be part of an ad-supported software program. The application gta_s_andreas_v1.05-gorpaki.apk.exe by Imbernes Premium has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Solimba DownloadMR installer. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.

File name:

Publisher:

Imbernes Premium (signed and verified)

MD5:

50771c00ab28f7c69290cd7e5aa744f0

SHA-1:

19840a2fbd64bfce264abfc9e3ff206a73eb3489

SHA-256:

83c386558fde127448fa5d22ba8d5ae1869a91c5e16e6a4a763c590e697b1c5a

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses the Solimba installer to bundle adware offers.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

1/13/2025 7:40:47 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Solimba (M)

16.7.25.18

File size:

525.7 KB (538,328 bytes)

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Solimba DownloadMR

Common path:

C:\users\{user}\downloads\gta_s_andreas_v1.05-gorpaki.apk.exe

Digital Signature

Signed by:

Imbernes Premium

Authority:

Thawte, Inc.

Valid from:

9/24/2014 9:00:00 PM

Valid to:

9/24/2016 8:59:59 PM

Subject:

CN=Imbernes Premium, O=Imbernes Premium, L=Barcelona, S=Barcelona, C=ES

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

7F5F4DEF151E880D1AEDCA5A528F297A

File PE Metadata

Compilation timestamp:

1/22/2015 1:34:10 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:BcEdvRCTeaLpTS6UuEYeIDf7NX5o7cwoeL8JRTVZVYU2jxWa3vjw9Sj:BcEdATs6UXIDjNQGHZaZr3j

Entry address:

0xC6AC

Entry point:

E8, AC, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, C0, 4C, 42, 00, E8, FE, 15, 00, 00, E8, 7D, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 3F, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 08, 65, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Code size:

107.5 KB (110,080 bytes)

The file gta_s_andreas_v1.05-gorpaki.apk.exe has been seen being distributed by the following URL.

http://solimba.getportal.net/misc/.../?src=xrx&file=GTA_S_Andreas_v1.05-GORPAKI.apk

Remove gta_s_andreas_v1.05-gorpaki.apk.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.