» hide my ip 6__15155_il269374.tar
Overview
Analysis
File Details
Downloads (1)

hide my ip 6__15155_il269374.tar

The file hide my ip 6__15155_il269374.tar has been detected as a potentially unwanted program by 4 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from www.xcsdvbfg8ytbvcxzas.info.

File name:

MD5:

edf8e2a58b8552c6ac5b4e52eae9b873

SHA-1:

288ac89ff86e2a50e8c29e9bd7f0c6db708c3a16

SHA-256:

7e11aa2ce3e5d209ef066ec38494b71ad39d65c0851375d0f8faffe9c7afbc5c

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 8:29:41 PM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

infected with Trojan.Amonetize.11609

9.0.1.05190

ESET NOD32

Win32/Amonetize.MS potentially unwanted application

7.0.302.0

Kaspersky

not-a-virus:AdWare.Win32.Amonetize

15.0.0.562

Reason Heuristics

PUP.Amonetize (M)

16.1.6.22

File size:

663 KB (678,912 bytes)

Common path:

C:\users\{user}\downloads\hide my ip 6__15155_il269374.tar

The file hide my ip 6__15155_il269374.tar has been seen being distributed by the following URL.

http://www.xcsdvbfg8ytbvcxzas.info/mer2.php?OUgc6PjTSNOTAVEF8/BGliYH57Uk0DZUw3MiM/.../ZWguJRcNVz0PaRsnKzBMLk97IwR4eGkmVl5TNghkZn8pNF5RAmIMZTV8K2JUBVczCGI3KHdjUwJQNV5nNnd5ZlNXECRbaWJ6e2xRUQ9gW2I=

Remove hide my ip 6__15155_il269374.tar - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.