installer.exe
Installer
Performersoft LLC
This is part of a Performersoft product, a 'PC optimzation' application that provides minimal benifits and may have been bundled by a third party installer. The application installer.exe by Performersoft has been detected as a potentially unwanted program by 17 anti-malware scanners. It bundles additional offers, mostly adware, using the InstallBrain installer, a pay-per-install monetization download manager. InstallBrain will also install a background updater service that will update any installed browser add-ons and plug-ins.
MD5:
8ac02716631a12de2fbe3013225f8687
SHA-1:
f92e3fac8a70035bd4e22a595b728b9b373c4321
SHA-256:
05e80f867778a6777ab7f7e9e6ce03d34f02bf0365e12df7d2468ba5da40553b
Scanner detections:
17 / 68
Status:
Potentially unwanted
Explanation:
Uses the InstallBrain monetization platform from iBario to deliver bundled adware both search toolbars and PC optimizers from Performersoft.
Analysis date:
12/25/2024 4:23:34 AM UTC (today)
Scan engine
Detection
Engine version
AhnLab V3 Security
PUP/Win32.InstallBrain
2013.11.16
Avira AntiVirus
APPL/InstallBrain.Gen
7.11.91.88
Boost by Reason
Adware.Installer.Performersoft.J
2013.7.23.1
Comodo Security
UnclassifiedMalware
16620
Dr.Web
Adware.Downware.1295
9.0.1.0204
ESET NOD32
Win32/InstallBrain.AJ (variant)
7.8588
F-Secure
Trojan:W32/InstallBrain.A
11.2014-07-08_5
G Data
Win32.Application.InstallBrain
14.8.22
IKARUS anti.virus
Trojan-Downloader.Win32.Brantall
t3scan.2.2.29
K7 AntiVirus
Unwanted-Program
13.173.10217
Malwarebytes
Adware.InstallBrain
v2014.08.07.10
McAfee
Artemis!8AC02716631A
5600.7144
Microsoft Security Essentials
TrojanDownloader:Win32/Brantall.D
1.163.1557.3
Reason Heuristics
PUP.Installer.Performersoft.J
14.8.7.22
Trend Micro House Call
TROJ_GEN.F47V0719
7.2.204
VIPRE Antivirus
Trojan.Win32.Generic!SB.0
23408
File size:
558.6 KB (572,032 bytes)
Product version:
15.9.28.27
Original file name:
installer.exe
File type:
Executable application (Win32 EXE)
Language:
English (United States)
Common path:
C:\users\{user}\downloads\installer.exe
Authority:
GoDaddy.com, Inc.
Valid from:
6/27/2012 1:28:03 PM
Valid to:
6/27/2015 1:28:03 PM
Subject:
CN=Performersoft LLC, O=Performersoft LLC, L=Beaverton, S=OR, C=US
Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Serial number:
07DAC5F73C6773
Compilation timestamp:
7/15/2013 1:51:26 AM
Code size:
91 KB (93,184 bytes)
The file installer.exe has been seen being distributed by the following URL.
The executing file has been seen to make the following network communications in live environments.