hotline miami 2.0.1.5 drm free (gog)_10924_i1297227_il345.exe

Ukra-2006 LLC

This is the Amonetize download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application hotline miami 2.0.1.5 drm free (gog)_10924_i1297227_il345.exe by Ukra-2006 has been detected as adware by 4 anti-malware scanners. The program is a setup application that uses the TUGUU DomaIQ Setup installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
Ukra-2006 LLC  (signed and verified)

MD5:
2f25fa31b59906b1859c5350e310f1b4

SHA-1:
ffb0f980d37f6eae73bf86f345c0b2419b42bc3b

SHA-256:
07efbddf71ac53d2fc90f3acb91d76d37e5c6c2959d31ca7c4d5c94e8658dc66

Scanner detections:
4 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/16/2024 9:37:54 AM UTC

Scan engine | Detection | Engine version
AVG | Ukra | 2015.0.3294
G Data | NSIS.Application.Crypted | 14.11.24
Reason Heuristics | PUP.Ukra2006.w | 14.11.10.21
Sophos | Amonetize | 4.98

File size:
207.9 KB (212,880 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
TUGUU DomaIQ Setup (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\hotline miami 2.0.1.5 drm free (gog)_10924_i1297227_il345.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/1/2014 2:00:00 AM

Valid to:
7/2/2015 1:59:59 AM

Subject:
CN=Ukra-2006 LLC, O=Ukra-2006 LLC, L=Kharkiv, S=Harkivska obl, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2B3200D1AF3CAC4253C00F000EF4BAB9

File PE Metadata
Compilation timestamp:
10/7/2014 6:40:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:OGC7W7BU5tMqKGqcUz9PbKddVHCCNojxiHlgc:Ea7geqKGqP9DKdd7ixiFgc

Entry address:
0x322E

Entry point:
81, EC, D8, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 09, A3, 78, 4F, 43, 00, E8, FD, 2E, 00, 00, A3, C4, 4E, 43, 00, 55, 8D, 44, 24, 38, 68, B4, 02, 00, 00, 50, 55, 68, D8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, C0, 3E, 43, 00, E8, 68, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, 56, 2B, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

The file hotline miami 2.0.1.5 drm free (gog)_10924_i1297227_il345.exe has been seen being distributed by the following 9 URLs.

http://downprov.downloadfasteasy.com/.../FILM MIASTO 44 POBIERZ_10924_i1452277_il345.exe