icreinstall_left4dead2.exe

Installer Internet Web

AgileMax (New Media Holdings Ltd.)

The installer uses InstallCore, which may bundle about 3-4 offers for various ad-supported toolbars, extensions and utilities. The application icreinstall_left4dead2.exe, “Installer Internet Web Setup” by AgileMax (New Media Holdings), has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the InstallCore installer. It is typically executed from the user's temporary directory. The file has been seen being downloaded from www.besttoursvaults.com and multiple other hosts. While running, it connects to the Internet address os.solvefile.com on port 80 using HTTP.
Publisher:
Software   (signed by AgileMax (New Media Holdings Ltd.))

Product:
Installer Internet Web

Description:
Installer Internet Web Setup

Version:
3.4.4.8

MD5:
390ae595418548dbd1a00a4a655b0620

SHA-1:
10b6fd21e6d37ffbbdc982078edbbe5f1edbd00f

SHA-256:
d3951fc08fa616f58e7e27f99cd5292a3363150b4407c53a3b6bdc4358f032bf

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Utilizes the InstallCore download manager that may bundle various adware-type offers.

Description:
This is also known as bundleware or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/15/2024 2:28:17 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.NewMedia.Installer.Installer (M)

Engine version:
16.1.16.8

File size:
958.3 KB (981,304 bytes)

Product version:
3.1.5

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\appdata\local\temp\icreinstall_left4dead2.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
12/16/2015 9:04:31 AM

Valid to:
10/30/2016 12:53:45 PM

Subject:
CN=AgileMax (New Media Holdings Ltd.), O=AgileMax (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112186313590F7C0AF7C143BC6BDE6200476

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:IKSxgTgYTb5VISBjR4+UL5WwuLCv9yUQ3YuEjHyq8pU:IreTgmVVH/U9WwWCv9yJ3aZI

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file icreinstall_left4dead2.exe has been seen being distributed by the following 50 URLs.


Latest 30 of 96 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to os.solvefile.com  (207.189.109.121:80)

TCP (HTTP):
Connects to cdnus.solvefile.com  (207.189.109.121:80)

TCP (HTTP):
Connects to cdneu.webfilescdn.com  (65.254.40.36:80)
