installer.exe

The application installer.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.appsflashdelivery.com and multiple other hosts.
MD5:
1742bbbced9c23a4485940827a1dfb16

SHA-1:
50f1c5766ad4dc27e14770f253cdb7cbef08c483

SHA-256:
4fc1cd4b79f988c01efd7d4ea37c5b2b11c1bdcee190e0407b207c75f8e93c31

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:27:48 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.DealPly
7.1.1

Avira AntiVirus
GAME/Zylom.Gen5
7.11.30.172

Arcabit
Trojan.Application.Bundler.71
1.0.0.642

Bitdefender
Gen:Variant.Application.Bundler.71
1.0.20.95

Bkav FE
HW32.Packed
1.3.0.7400

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.71
10.0.0.5366

F-Secure
Gen:Variant.Application.Bundler
11.2016-19-01_3

G Data
Gen:Variant.Application.Bundler.71
16.1.25

Kaspersky
not-a-virus:AdWare.Win32.DealPly
15.0.0.562

McAfee
Artemis!1742BBBCED9C
5600.6516

MicroWorld eScan
Gen:Variant.Application.Bundler.71
17.0.0.57

Norman
Gen:Variant.Application.Bundler.71
11.01.2016 17:30:26

Panda Antivirus
Trj/Swizzor.S
16.01.19.02

Qihoo 360 Security
Win32/Trojan.ad3
1.0.0.1077

VIPRE Antivirus
Threat.4439742
46592

File size:
400 KB (409,600 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\installer.exe

File PE Metadata
Compilation timestamp:
1/14/2016 9:00:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
6144:GCF0KKlE/XV6J7Xze2ubTSrX/H6URU5l3M5hOn+Y/uBPhvMLQg:GC+lEYJ7XKPbTG6DfMTOV/eZvQH

Entry address:
0x58495

Entry point:
6A, 60, 68, 70, F1, 45, 00, E8, 33, 15, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 83, 16, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 24, F0, 45, 00, 8B, 4E, 10, 89, 0D, 38, 1C, 46, 00, 8B, 46, 04, A3, 44, 1C, 46, 00, 8B, 56, 08, 89, 15, 48, 1C, 46, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 3C, 1C, 46, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 3C, 1C, 46, 00, C1, E0, 08, 03, C2, A3, 40, 1C, 46, 00, 33, F6, 56, 8B, 3D, 18, F0, 45, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
376 KB (385,024 bytes)

The file installer.exe has been seen being distributed by the following 5 URLs.

Remove installer.exe - Powered by Reason Core Security