icreinstall_downloadmanagersetup.exe

Click run software

The installer utilizes InstallCore which may bundle about 3-4 offers for various ad-supported toolbars, extensions and utilities. The application icreinstall_downloadmanagersetup.exe by Click run software has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory. While running, it connects to the Internet address os.solvefile.com on port 80 using the HTTP protocol.
Publisher:
Click run software  (signed and verified)

MD5:
a6795a948d33a6bb5ff1144af2a5ce23

SHA-1:
48737d1a12c105b9f0a0ed0b68890208f2928186

SHA-256:
ca10b9faf8764d6194eae1103532c74d2a1088b5fd112b74bdd1d1754408fc0e

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Utilizes the InstallCore download manager that may bundle various adware-type offers.

Analysis date:
11/27/2024 1:01:12 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore (M)

Engine version:
17.3.15.14

File size:
1.1 MB (1,141,008 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\icreinstall_downloadmanagersetup.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/19/2012 4:00:00 AM

Valid to:
4/20/2013 3:59:59 AM

Subject:
CN=Click run software, O=Click run software, STREET=63 Rotshylid Shderot, L=Tel-Aviv, S=NA, PostalCode=65785, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A243E49C0DAF69F7C5ACF083EB184161

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xD5570

Entry point:
55, 8B, EC, 83, C4, F0, B8, FC, EB, 41, 00, E8, 9A, FC, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.6529

Developed / compiled with:
Microsoft Visual C++

Code size:
866 KB (886,784 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to os.solvefile.com  (207.189.109.121:80)

TCP (HTTP):
Connects to cdnus.solvefile.com  (207.189.109.121:80)

TCP (HTTP):
Connects to cdneu.webfilescdn.com  (65.254.40.36:80)
