gusetup_pubg.exe

SINAINSTALLTECH(APPS INSTALLER S.L.)

This is the Solimba installer program, which bundles additional offers, mostly adware and various unwanted PC utilities. The application gusetup_pubg.exe by SINAINSTALLTECH(APPS INSTALLER S.L.) has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Solimba DownloadMR installer, which uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
Player-GMU  (signed by SINAINSTALLTECH(APPS INSTALLER S.L.))

Product:
Player-GMU

Version:
1.0.1.67

MD5:
3ec42d2e64575bbba27c10561ba47f3e

SHA-1:
788daaea74ef829f566b7d4a9d0c7c7ac58c795e

SHA-256:
6b5e8b6052e3d112bd3a361997d98148222d6200cb4fc96c00eca7533b5d47df

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/25/2024 1:14:56 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Solimba (M)

Engine version:
17.1.25.11

File size:
6.8 MB (7,150,272 bytes)

Copyright:
@2015/16

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR (using Nullsoft Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gusetup_pubg.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
4/29/2015 7:10:22 PM

Valid to:
4/28/2017 7:10:22 PM

Subject:
E=support@appsinstaller.es, CN=SINAINSTALLTECH(APPS INSTALLER S.L.), O=SINAINSTALLTECH(APPS INSTALLER S.L.), C=ES

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
42BC1938C10F58E9EF7EE462B0393A3C

File PE Metadata
Compilation timestamp:
10/7/2014 1:40:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x3217

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 09, A3, B8, 37, 42, 00, E8, C0, 2D, 00, 00, A3, 04, 37, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, B8, EC, 41, 00, FF, 15, 64, 71, 40, 00, 68, E4, 91, 40, 00, 68, 00, 2F, 42, 00, E8, 6A, 2A, 00, 00, FF, 15, B0, 70, 40, 00, BD, 00, 90, 42, 00, 50, 55, E8, 58, 2A...

Entropy:
7.9997

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)
