» islamic+calendar+desktop_10924_i70314295_il345.exe
Overview
Analysis
File Details

islamic+calendar+desktop_10924_i70314295_il345.exe

Sony PC Companion

LLC BUDІMEKS

The application islamic+calendar+desktop_10924_i70314295_il345.exe by LLC BUDІMEKS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

Sony Mobile Communications (signed by LLC BUDІMEKS)

Product:

Sony PC Companion

Version:

2.10.275

MD5:

6a61d33a5b87737251df253bb957a0be

SHA-1:

e3c68e8b49342180a1b88290047d5dcdb557da0c

SHA-256:

bfbf75d2901783a58de60053d15596f365eb288f4883f31ce7dde9dd1dbef217

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/6/2024 7:42:27 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonetize.Bundler (M)

17.2.24.5

File size:

1.8 MB (1,928,208 bytes)

Product version:

2.10.275

Sony

Original file name:

stub32i.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\islamic+calendar+desktop_10924_i70314295_il345.exe

Digital Signature

Signed by:

LLC BUDІMEKS

Authority:

COMODO CA Limited

Valid from:

8/27/2015 2:00:00 AM

Valid to:

8/27/2016 1:59:59 AM

Subject:

CN=LLC BUDІMEKS, O=LLC BUDІMEKS, STREET=Cvitna 34, L=Gorodockey area Galichani vilage, S=Lvovskaja, PostalCode=81523, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00E9F1B23ADDECC133378F48EBB20F9E3D

File PE Metadata

Compilation timestamp:

10/13/2015 8:42:48 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x3F64C6

Entry point:

68, 73, E8, 2E, 27, E8, 5C, 2D, EA, FF, 64, 78, CD, 1C, FB, BB, 98, 34, 22, 66, BD, 0D, 35, 29, 23, 0E, 6A, D7, 2A, 41, 4F, F0, C0, 28, C5, C9, 0C, 03, 62, 4E, 72, D2, 38, B6, 29, FF, 99, 60, C7, BC, 39, 36, 69, BB, B4, 8B, 9A, 61, 43, 18, F0, FB, 32, 4D, 76, 7F, 0C, F9, 5F, 6F, A0, 61, 49, FD, A3, 9D, 7A, EF, E6, 41, B4, A4, FD, DF, 5C, DB, 4B, 82, CC, 29, CF, 10, B3, 59, CA, D6, FB, 24, 3E, 28, D5, 6B, E9, FB, 95, C1, 70, 70, E2, 3B, 68, 0B, AE, 82, 00, 11, 81, C2, EA, 58, 56, F3, 6C, 35, 28, 1C, 97, 0B... 
[+]

Code size:

1.7 MB (1,834,496 bytes)

Remove islamic+calendar+desktop_10924_i70314295_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.