» icreinstall_plants-vs-zombies-2-4.7.1.exe
Overview
Analysis
File Details
Downloads (48)
Network (3)

icreinstall_plants-vs-zombies-2-4.7.1.exe

Cagolig

Destiny Dream S.A.

The installer utilizes InstallCore which may bundle about 3-4 offers for various ad-supported toolbars, extensions and utilities. The application icreinstall_plants-vs-zombies-2-4.7.1.exe, “Cagolig Setup ” by Destiny Dream S.A has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from www.tagsendheart.com and multiple other hosts. While running, it connects to the Internet address os.solvefile.com on port 80 using the HTTP protocol.

File name:

Publisher:

Huful (signed by Destiny Dream S.A.)

Product:

Cagolig

Description:

Cagolig Setup

Version:

3.6.3.0

MD5:

61b72ef1adde14a9f52c8764416e043f

SHA-1:

eb6ad69d41f84642913e852606949c64254c1add

SHA-256:

ea1589743f3bd10aecbf5a92edcb994be046d08ea22e9107fc07f93d68179186

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Utilizes the InstallCore download manager that may bundle various adware-type offers.

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/27/2024 1:51:33 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.installCore.DestinyD.Installer (M)

16.4.26.19

File size:

989.7 KB (1,013,448 bytes)

Product version:

2.0

program

File type:

Executable application (Win32 EXE)

Bundler/Installer:

installCore (using Inno Setup)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\icreinstall_plants-vs-zombies-2-4.7.1.exe

Digital Signature

Signed by:

Destiny Dream S.A.

Authority:

GlobalSign nv-sa

Valid from:

12/17/2015 8:55:11 AM

Valid to:

10/2/2016 9:36:18 AM

Subject:

CN=Destiny Dream S.A., O=Destiny Dream S.A., L=Clarens, S=Vaud, C=CH

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11217A75EB912AE2167326222C18D9E2357F

File PE Metadata

Compilation timestamp:

6/20/1992 6:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:oo9v/Sb8ISdMPNf/kLkfz8HF2+7jDBVCyP39KvlDVJx:o6SkaPNXkQfziF2sjL8l/x

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE... 
[+]

Entropy:

7.9262

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

The file icreinstall_plants-vs-zombies-2-4.7.1.exe has been seen being distributed by the following 48 URLs.

http://www.tagsendheart.com/c?x=ccpfiQAa3X0hZtT7cx30f0KcDjOa T1aRVhekg5WKTA=&c=1MSCEzSRB3Hrz1eZIIHmLnngsCRXkFbKr3gD92DFsoM6mu0/cbcmm5qC0fkN47XmgPAKTtb4Z5 Q6SZ ZuJmyIGbV67qy0skBwMOqcIgz1EFrA5x1ZT5K OSpDK035J7UC7Tn6qiqdHCNKlfC2NNf0kJyeB0RLq iiFRPbyb2ginSBk7BE2C3QsBrWhqCA2b&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.factorybulknew.com/c?x= vlQtmg28H31i8aUErNrjl593w7Izgy6CdrcyUPa8tQ=&c=h2mcCVlWcRYfQupaJIfTiHnE4vZ6FdUZdQLjlqw7zhv6O6aeA7hsBmyA5BAtw0PCnNVkU/rG77twpf9zM75gAkx6No4VeUMvSA2OGQSEanzvQx8Po8fHoKYbzzX0/5iYJqGNPlyx hWMctRT8BkhJ/vN5oVhSnBXKGrG/NGQy1tG8EJt0VwZgTFpO9IbgwRl&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.cleansignsconecpt.com/c?x=gCxO3zu9dGdrm0nwC2hi/iZ97kCGJnWLl4oJ6npqHP4=&c=LV6FazxtZ5eGvwLOsOd4kn1ezU/1jl6mF0u7dK 98A9Cq9DV//F3XE8nqpQUtRFCQMiB3vzNvj8vstxfP iJ/osQ5oXyPcFhS0XZ2T0KmDWsDHRreKdnkn56Dclz20MBT/gHRn5MMXDWD i1wJYdDD0Wep183ieLR5BplYnVQcY=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.gifttowndelivery.com/WVl6OTRQV056Vm1GM1RsRlVabmsxSlRKR2Fua2xNa1pFUWlVeVFqVTBWaVV5UWpaMmNHUWxNa0pqVm5OaGRWaDNRMmgyVWs5Uk1tMVZKVE5FSm1NOVdGWTBkRWx2VGpoa1ZYYzFTeVV5UmxrM1JVVTVSVFoxY0cweVFXWXlSWFE1YlRCUWNIRkxNQ1V5UWpCSmFrRk1WRXhuUW1GUVVrSlRKVEpHUjBnd1VYSllUblJCUlZobGNXUm9NMW96T1ZGR1pqSndOVXhYVnlVeVJtUm9kRmh0TW13d2RqQjVkSE5LSlRKR05uQkZhbTVHUTBVeVlXVldWVU5CWjJNNVZuUjBZbU5RYVZwclVVTndSMUJ3YUdkMWJHbFJTM1JMYVRKcFREWk9OVkExWnlVelJDVXpSQ1psUFRBbVpHOTNibXh2WVdSQmN6MXdiR0Z1ZEhNdGRuTXRlbTl0WW1sbGN5MHlMVFF1Tnk0eExtVjRaU1ptWVd4c1ltRmphMTkxY213OWFIUjBjSE1sTTBFbE1rWWxNa1pwZEhWdVpYTXVZWEJ3YkdVdVkyOXRKVEpHWVhCd0pUSkdjR3hoYm5SekxYWnpMaTE2YjIxaWFXVnpMVElsTWtacFpEVTVOems0TmpnNU15VXpSbTEwSlRORU9BPT0=

http://www.newgiftcontent.com/c?x=Lbr3EwZsQHAvgVD3XSk49TjAzM3RGb0BFgY5m8 UTpE=&c=jOm2RvKev6lj6Ow7BiggmRyIC5gsBRTk3Dr F3dgg0uXn/GmWoax8bzew1/k/LD1ShsRy2Gxoh97EoA2tBkMPQSa73d0ZxMnu/F2pn2ikeXdaNjo/CxTUOdd/4I6IweehlAslIBpADa3PjXXTcffxw==&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.cleansignsconecpt.com/c?x=zJ/bv2Q6toxL9e3LWG4RC0nZyS866flG6FmGpII 5Ew=&c=ofTTGH2sxxo8Yl62HPaSPcgAOlMT/UnXoKgVt0NYRFXF/jHsCLIvpdBZI 4brX9qpEY/Nf314 Uwmywne3VM571MwFtZ MtQRzcV2pFqdavNzpBDLJ2Dtqbw1cZyM84qdNEfHfGwUqasOcxsnOJALUDtCASyBS8xXWnh4R dOSc=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.presentfuntowers.com/WVl6OTRQWGx6ZEhOR1pVczJRbXhJVXlVeVJuVkNWVTVpZUhGVVMyUkdNRVEzY1V0ek0wcDRlWHBYYVVzMU56Z2xNa1l3SlRORUptTTlTV3hTUVV0TmVEYzRVblo0VWsxVWVqQllibGxpYUdKcVdsRlBOWHBtYTFac2RHUndiU1V5UWxkT2VUbFpkVTB4U213eWRteHZjM2RwVmpacFVFbExaRVpsWkhRbE1rSTRaWFp0VDNwU1p5VXlSbTV3U2paQ1kyRkpRMmxHVmtGR1MweDRhams0ZWxoeGJURlRSVUY1U1dNMFRuZFRWakUxVTAxWE5VcGtjMmx4YUNVeVJsQTJjbTQ1VjNWYVoyeHJiekI1YmtveVRXUnlkalV6WW1jbE0wUWxNMFFtWlQwd0ptUnZkMjVzYjJGa1FYTTljR3hoYm5SekxYWnpMWHB2YldKcFpYTXRNaTAwTGpjdU1TNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEJ6SlROQkpUSkdKVEpHYVhSMWJtVnpMbUZ3Y0d4bExtTnZiU1V5Um1Gd2NDVXlSbkJzWVc1MGN5MTJjeTR0ZW05dFltbGxjeTB5SlRKR2FXUTFPVGM1T0RZNE9UTWxNMFp0ZENVelJEZz0=

http://www.bundlesbinariesnew.com/c?x=b9vXDR9Ya1G6yr7aHNmURWfsTKRLkfBm6Ge2ws3ElYA=&c=eJlTPEPGkwCgkmxbYzhj6mlrjzEuGshHTBm4HQ5AJCgyBFcbQcucmm7o63nhWr3/BwWhFQIjBXHw7uTgzucJOsVHPore96onhgj4 SZFCq2sh/Uf8orxaG/HhPfY8exDjm4WQ/zbKtDqjofc4BXavw==&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.sharecapitalbulk.com/c?x=H/3D0JJVaa98nhN1STKOYpdUxbEUIAcW6fl4yDhLO8Y=&c=J0n1N7mBHZcAAKCdVG 3XP4yCpvWY5/v/GX8yMvoALAOoHhG5BdZTqwJc11pJQ3G/dRCAIkNluG8jyx1dZX2597qyZsxAvyGUGTarcGQs31GjsDEJMsdgB8P /5WzOZaQRmtRO61Te7MKF BFauTmw==&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.nowfactorymeta.com/c?x=D0cE6Lt0fbMfmajL8UMAwo1wsHMaO9KON765XKR41HY=&c=0MF5kn6S4ynvhSlrWo9MNuRg6D69oatBa5FwnZsEt1bPiz4ZH4gz4MecD/Ts1aVWlQXV7Gm3fepP0gQOMHEn8Visy2lSrg7tYKo2 2Ls9xUdR2bwG4M0Y9ZdY/R0OHMDN2iATvtBHrDJb0aZ JaSTG6408BRYft1Ro6Mn16aBfMVnOd73/211iAUiKMBjEeB&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.tagsendheart.com/c?x=rmlM3W422ARwnDy6F3LCUscKdVM2Sjl GWAHQeEuff4=&c=wigJmPlGb8HEVyW7tB TGXJ3ebYfk/NwIyAqROAwk5GBbVZLheggTpitXrlEb0a96y/dR8fY9foTkSoYCoJXrMvTih0nuN7WePBTD78dSFnIl17rHzG1O3UAhMd6NmJHFT KYj7nEHGE6qePkalSZTkeQmLGCdUz5BKEuR4FEKA=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.headconceptsuniverse.com/c?x=ecZGmzeIpN8htpc1yrVaPo4W50gm4HsfdLkRQIqHbDQ=&c=xgNYDUVW/Rhq Mx36dK4CykI4RUP67IPJ0k2dXtp/5YdPiFq2ICcd55eRGLH77kvRBEWGj2o9xyKHKqDvHPMYKmkJ8o84t3EfEt/vV2JovlpW U DAMXKRJV2NShoZKm32v4w6XADrF99PiGdJeHNrKsAFgl/cqKdpUT5ZxoGPpLwrX2X5kJT0sNv4kYF7x8&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.softwarebundlebulk.com/c?x=rETBAVdvSDPfABPDq/8SqBj38/AoS24cKGmMBYXcoJc=&c=gDEtqRowp1lFFR4EW5fV2Oy7yezq8maZlJ92rvpQzP9Oxdk9PcSDgQRDM9SvIoExtHX3726zIFF KlveUJrwRXNSjK5bcRaYIFnfj1oauNBgv5SgiUVTDRYOExI Lg2 QQXkqQtZ5Wnc7EF1gZ8G3Z8VqQ0DBKdXzLehEhpRVSE=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.deliveryvaultsdelivery.com/WVl6OTRQWE41WVRjeFdFUmlaak5tYzB4NGFIWlVURlJ3V1c5dWJTVXlSalUwYjJWdlpGWWxNa0o1Y0d0bFlrRkJZbTVSSlRORUptTTlNako1U0RoNmJXMVpZM1E1YTBwWGFFOVJSbUZNVVV4T2FUY2xNa0pRU1VScFRtUXpWWFpVVmpZME5XSm1jV0ZaV2t0R0pUSkdVR2dsTWtaUWJIUkdRMnh1TldaSGQwVmxZM2tsTWtKRGRWUkZRalJsYTNWeVNVVnRWR1kxT1ZVM2FuUnpRMlk1V0dKcGMwNUVla2xRZDJwbGVIZE9ORVJXYnlVeVJqQXhkMmNsTWtKTk4zSjRiRmhVVERVMldIWllZa2RxZWpNbE1rSkZaR3c1WkdSM2RGZFZVbEVsTTBRbE0wUW1aVDB3Sm1SdmQyNXNiMkZrUVhNOWNHeGhiblJ6TFhaekxYcHZiV0pwWlhNdE1pMDBMamN1TVM1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQnpKVE5CSlRKR0pUSkdhWFIxYm1WekxtRndjR3hsTG1OdmJTVXlSbUZ3Y0NVeVJuQnNZVzUwY3kxMmN5NHRlbTl0WW1sbGN5MHlKVEpHYVdRMU9UYzVPRFk0T1RNbE0wWnRkQ1V6UkRnPQ==

http://www.gifttowndelivery.com/c?x=6yGu7buLQCiFUpgmvFvBUWRe6L4/xCenAok2bs//FKI=&c=9vSvjtxUL0IoX8ISst2csOruXo87tEDIFFqkUYF1uHWpwZcFdHZFUfw6M7TH3N2GVLdND75LyDK2MSHiGKTOiJop4xLJxmZWM6TgN30HCuttjFL3uYZazNUBCBVCIcuGSqtdz1AZHfapSBikHdoHd07qOVX7qkH/DZ SOeeXVDE7X1kY6TpiTuCiOAl5WkOm&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.sharecapitalbulk.com/c?x=PML/eAghemWaA4zZGcYDxX2YDiBkBhqU1ppdLN4RV1E=&c=hQDdSv1drvsSnUNzDo/ZHyG179FkswZSv4aNgtfhHkKrVN0XaXVow71Hb6SNdWr14cRwVZfSQW6Mu294J8RNnsGWm oTTp89V73yu2eoSLp3vlvdD8FOB w1y/xBcrT5rrL1CXkw9LV7gARWYD5wQFwzoCpERDeLKMJpCzH8Dd DJrSeE4qF5F7 ANn9f0Ut&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.dlflashstock.com/c?x=mQZMbVJhc51pt4SMxm3i0Kh 6lKStG8VBepxfPNSS2M=&c=ATa55BefLdOwaNaWwCaHifIeuEmPMjcWpFcCt6F5 O/uajcbAODjDjGnTmKRkEghnzI9YckVKE89fE7yP0BV3BJF4R6oFSr7UIBWeu2Weky7w2Kw49udrjyYJ1L5hLY6zRYQD8AsqQAQtEVVq3G7QJEr58eUDzTZh X2Hf5PTUBav70SO7nZHIp8gOgEBV1I&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.tagsendheart.com/c?x=jqqCp0mWrQXGTEmiEaa3kLb8teyMy9yjp3PxoBpak0k=&c=y9sNXrPKIvxyS3GptFUH83njFdJOWdlZ6ouGax8hLUESgTo1dG rXP4dpf3mtVKvcdyJYao3yTTM5kyOr7y7cRqtyT25r9Le7f1qPxq9CXtqXBsYsse/ATzK nu3wjF/sja4EclE/acuTv1DrZm9UYyUgK2pcUPOPcyq6H6LZ8E=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.headcleancentral.com/c?x=h12pzYR5lRx6mC391M Gpz5f3Y3GI4ciwe5RwfulrRI=&c=aa /VTf7QKDNDCVNcDm4n0Fgv8gAzwJdjAoX/aDNYQouY4MSTc5PwZHTBk9kmBcsNm/1nIMrU3qESsvJv71cAZOYkXDiqivYvHWQiN6QWWG2x 0iX92evnJie3YJpPqPu7U5sBCLrjM3nUV/tkjNPb8X5qhHSsaQ9Cu33/UV2Gg=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.sharecapitalbulk.com/c?x=hsuWp6j/xemeEeBEpFfFEazXsrfm1wMjvmFuBujjwPA=&c=X0K HkR6OyQHbHA5r5jtM6kViNGesBkQCnZs/GjI9P/4m3VgL6n5tg OZls9ahEI4V4rwat0Hcfe/hsQmIADYTDR2ZTGKM8mKwxprV6Cyo1534xJl3UX7v3ysfw 4mWp821yG6nGOne2UKKuY4Yw52BNG2mIzSbzKqysnV/j1jsDzAvZHEE/V6t8gj76u35Y&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.centergiftcontent.com/c?x=ZUJ mb9rnyH/BmOoS1REXFOzHQy3gyClKm2rYq3IZgY=&c=H1gvdGDJINz3A3Dh0xGlCCkj 7cA0v6blTuuweOYaDrjQr7a1EkESIhPkIyLLfnTz6bZXgq8EnfFf/xR74b4VOZf49/44jRfQqa72wkPIm8BlEGd9CdNA8PAgSyQJj9tpI R9TstjbHnrEzee5bAd/42KDbic53Hb/D q0qed zYnsT4fotOUH Btb/w0ozf&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.gifttowndelivery.com/WVl6OTRQVFowTUZkdk1GSjFjVlJQYVZCYVJrOXhKVEpHYjFoaFNHdFBZbTlaY0hOUWNUVTBPVzlTUVRGWUpUSkdhMGxuSlRORUptTTllSGRhYW1OaWFXWjJUbFk0VDJkdmJWaDJkSFpoV0VaUlRFMDVSME5HWkdrM0pUSkNWV281WjNWeWJrMURWR0pNWVhwbE0wMHlRWFpYTURGT2JFZEtSbTh4UW1Wd1FXWklkM0F4ZHpsYVZIaFlKVEpDUVU1aVoxQnJlVlpoWVU1RFRreEpOU1V5UWpSTmEyWkRObk51UmxOVGMycHhRMmR0YTJKUFQxcEtZVTVsY0RZMVRrTmlkbWh3YUVsRVpVaFFaa2h6YmlVeVJrRnFVVTV1ZFhjbE0wUWxNMFFtWlQwd0ptUnZkMjVzYjJGa1FYTTljR3hoYm5SekxYWnpMWHB2YldKcFpYTXRNaTAwTGpjdU1TNWxlR1VtWm1Gc2JHSmhZMnRmZFhKc1BXaDBkSEJ6SlROQkpUSkdKVEpHYVhSMWJtVnpMbUZ3Y0d4bExtTnZiU1V5Um1Gd2NDVXlSbkJzWVc1MGN5MTJjeTR0ZW05dFltbGxjeTB5SlRKR2FXUTFPVGM1T0RZNE9UTWxNMFp0ZENVelJEZz0=

http://www.gifttowndelivery.com/WVl6OTRQWFZxVDNocVVWSnhWMXBIVTFCblNXSnRTM2c1TldWYUpUSkdhbE4xWmxGRlFXazNURXg0YVhWd2RsUmhUU1V6UkNaalBXeHJNblZWV0NVeVJtTlhXR014UldGcmJHSlJNRWxFY1ZKWldIcE9hRXBGZEVGWldFTnNUM1JLVVZVNGIwa2xNa1ozYmxkQ1kzRlRSbmMwTW1ZNFQwdFJVbXMzVW1STFZqQkJOR3BvVVZGRlQzTTBRbXhvU1haTVQwdDJlR1J2VW1SaWVFVmlXWGN6UTBWcGFsUXhlbVJpUXlVeVFrbEZOa2xUTkZScmFXdEJablEzUTB4MFJYaDZPVXhIVjNvbE1rWmplVVZ6WWxNNGIwOXNSR2wzSlRORUpUTkVKbVU5TUNaa2IzZHViRzloWkVGelBYQnNZVzUwY3kxMmN5MTZiMjFpYVdWekxUSXROQzQzTGpFdVpYaGxKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndjeVV6UVNVeVJpVXlSbWwwZFc1bGN5NWhjSEJzWlM1amIyMGxNa1poY0hBbE1rWndiR0Z1ZEhNdGRuTXVMWHB2YldKcFpYTXRNaVV5Um1sa05UazNPVGcyT0RrekpUTkdiWFFsTTBRNA==

http://www.headcleancentral.com/c?x=eMNAZneQN3aaWx/W6VSuTjRUoyOIc9Dtc/Ou4T2Ns7s=&c=3jPpMkr9ODgXOTU0 ysWJPkb9W2Xt54q4odb/BIZ9LujVzoHD6xUlA2BVS MvxN7JgMYl9voDFH9GcEF/8QFl6JgCuGsDzioQO95JyaqkjmMIt/mk4ie4wtozp/TARUFi9wB4SjJXwsJ7miVM/WpQp4SKDGI1zv3DEKnrcN0x3w=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.flashtowerfactory.com/c?x=DztgVZg5KCks7PRhk4U E51ZZp9fhDsCSDlXnhEJDbI=&c= PBhbS5hYHw/QH 98RYMXQbDFZlJuu0CGpXC9Zhp6LOCya1/1brAjbO HV1txplnx5JartnA1Ju4VDrG3FF eQzKOXHDA7wGKI nbpACgCVy2xJNqlo1z6d1hnpBLlxvGa531NZu hqkXkvZ6MPS2rzNSswHFEI/M oQi6t9agk=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.softwarebundlebulk.com/c?x=ZGJEQfXqdGgJwuA6HipNLJ3u22E79pud4ungAdy60tg=&c=464oRIhzZytr6dQGaPKWIGlyxUpHjbTKB2rlvOVzAiKHOMmAxW3fLd2dUSKPw AOjyGVpnhZZ4YwCdtgQV9dIN6AxtTSqmavlTpX489pip18aYLC/j/uvqxPHUPfXmRZJsw2mRIQlfMtL4qvLq4Tp8z/MZ u1mVGEZz641ZvEo8=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.centergiftcontent.com/WVl6OTRQV2xhVVROaFUybGhkMncxYjI5dk4yTnJibVJLSlRKR0pUSkdhakYzVlU4NVYwUXdjQ1V5Um5aVWFHaHVSM296ZVZrbE0wUW1ZejEyZFU1cGFtUmhOMkoyV0ZGWldWQnVOMFJ6VUV0Sk1WRnNWamRsTjB0MVFYbERUbHBxTVU5bGRTVXlSbVJXVUVKSlkwVkZXV0ZYVWpsMVEyOGxNa1p3V25GeFRVZG5iMlZRTkdVM1NFSnFPR0V6UTFkNFozVkhjSFJrVlVwek5XbG5TQ1V5UmtkM2RGbEhhSEZKVDB0WVJrY3lNVkZvWkZCbVFsWnBWazVNV1ZCT2VIbHhSM2hIVVV4UWNGaHRTMEYyYTNwdVoxa2xNa0owVG1jbE1rSlJKVE5FSlRORUptVTlNQ1prYjNkdWJHOWhaRUZ6UFhCc1lXNTBjeTEyY3kxNmIyMWlhV1Z6TFRJdE5DNDNMakV1WlhobEptWmhiR3hpWVdOclgzVnliRDFvZEhSd2N5VXpRU1V5UmlVeVJtbDBkVzVsY3k1aGNIQnNaUzVqYjIwbE1rWmhjSEFsTWtad2JHRnVkSE10ZG5NdUxYcHZiV0pwWlhNdE1pVXlSbWxrTlRrM09UZzJPRGt6SlROR2JYUWxNMFE0

http://www.nowfactorymeta.com/c?x=e2PeL8CEVVRJSFsbxGuCjZ/0XXcqhFGen0EvNv1yiYk=&c=kpibAsxs/FV1E2W0bVANaljoShuBAU3c1XaoRSkX684owVVY1RfBiXqHHYvws/OS80QYN2 4huxJEtYBaHjxR6z /jjQToMDUCg/pMwbwFoEFMGNaJRtAj8sQDCM3stabpj8fFZLZ 5o8sys/KMglxSw42DRMGmhgsQR4lUlvHvyPyPFcHGGlJyLsqgGHcpl&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.newgiftcontent.com/c?x=l RIcMcQJqtVhobhFRWopZJz792btzhMFOuhj6l1 6U=&c=pSGpFh6ilEi6v03qQxvv8J4zlzzxfVPxFuqZwGxxLnu2dVEW2A9JfCGcaluwoRU2zjeW2ZOO kcP4kaMtIyC4BSZjHBjGDM LKiya/mqlwhDulDj9HGirRRzArR8GbnQqBwiirjR3PodjpirN28zjZwxuECCGIjjygUX9WB4lUI=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

http://www.cleansignsconecpt.com/c?x=3 7el4MktgMi9vXjkg5ZvQDHOG3oSIyKx4j36/qyzTM=&c=EgESdxKbNnFZmwicY ICVzSr7YCWxTnp9w8Udma1IoNke4XZDFYVAPCnqFcktu7UMNGHPfsoEy7CxXeSNPqPugyiavbKPSL6DiSQLXGUodeK2BPVUd7atLPi7hBVRFSHphl/gP4lnqphgNAYNPLLs2TrtniQXM9isLnEdoexAOw=&e=0&downloadAs=plants-vs-zombies-2-4.7.1.exe&fallback_url=https://itunes.apple.com/app/.../id597986893?mt=8

Latest 30 of 48 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to os.solvefile.com (207.189.109.121:80)

TCP (HTTP):

Connects to cdnus.solvefile.com (207.189.109.121:80)

TCP (HTTP):

Connects to cdneu.webfilescdn.com (65.254.40.36:80)

Remove icreinstall_plants-vs-zombies-2-4.7.1.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.