i2Dyn.exe

Setup Manager

QUALITY SCORE SL

The file i2Dyn.exe by QUALITY SCORE SL has been detected as adware by 4 anti-malware scanners. The file has been seen being downloaded from offersrepo.com and multiple other hosts.
Publisher:
QUALITY SCORE SL  (signed and verified)

Product:
Setup Manager

Version:
2.7.12.418

MD5:
69cba4edb2d28575d63c6f1abef66187

SHA-1:
1fe671c695e646ab7b860bf61c1ed3eee07be90f

SHA-256:
057c16f5c6562690295ed9040b2b1ed8c95b11ca7dd23758ac962cc91e20d8a8

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
11/23/2024 10:02:53 PM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
PUP.Optional.QualityScore
v2015.01.24.02

Reason Heuristics
PUP.Installer.QUALITYSCORE
15.1.24.2

Trend Micro House Call
Suspicious_GEN.F47V0118
7.2.24

VIPRE Antivirus
Iminent
36914

File size:
252.3 KB (258,360 bytes)

Product version:
2.7.12.418

Copyright:
Copyright © 2013-2014

Original file name:
i2Dyn.exe

Language:
Language Neutral

Common path:
C:\windows\temp\e1a3.tmp

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/2/2014 12:00:00 AM

Valid to:
1/2/2015 11:59:59 PM

Subject:
CN=QUALITY SCORE SL, O=QUALITY SCORE SL, STREET=CALLE SERRANO 213, L=MADRID, S=MADRID, PostalCode=28016, C=ES

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4AB0F061E1C305B4B31A8ACE3AEA2E01

File PE Metadata
Compilation timestamp:
12/10/2014 8:02:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:wUPqYM2ffbAExJ94Ed3af16uxAWse7HYVNh0BKTiTvB+gKtJiCttN9nJFDO/4Rd1:PJffbAExcE4fXxAWsebYVNh0BKTiTvUJ

Entry address:
0x3A17E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.1075

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
224.5 KB (229,888 bytes)

The file i2Dyn.exe has been seen being distributed by the following 13 URLs.

http://offersrepo.com/download.php?signature=qualityscorei3&downloadName=apache-open-office-4-0-1.exe

http://offersrepo.com/download.php?signature=qualityscorei3&downloadName=adobe-acrobat-reader.exe

http://offersrepo.com/download.php?__tc=1418405646724&signature=qualityscore&downloadName=google-chrome-29.exe

Remove i2Dyn.exe - Powered by Reason Core Security