kitty powers matchmaker free download pc game.exe

COnfirmED App NlN

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application kitty powers matchmaker free download pc game.exe by COnfirmED App NlN has been detected as adware by 12 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from dl.file23desktop.com.
Publisher:
OGTME (signed by COnfirmED App NlN)

Product:
OGTME

Version:
9580.15612.1235.3875

MD5:
e34c2f063dd6f7445dfdc0396ecc2e02

SHA-1:
5c0a522cd6d5f427e6f60ce7d3f2dfc6f1493f4c

SHA-256:
1c111c0a27fa6e0606dbbf9ebfb4182916d5c7e9a36edee792b1d9edf897ed9d

Scanner detections:
12 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/25/2024 12:12:46 AM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| AVG | Downloader | 2016.0.3075 |
| Dr.Web | Trojan.OutBrowse.847 | 9.0.1.05190 |
| ESET NOD32 | Win32/OutBrowse.CB potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/OutBrowse | 6/18/2015 |
| G Data | NSIS.Application.OutBrowse.AI | 15.6.25 |
| K7 AntiVirus | Unwanted-Program | 13.205.16279 |
| Kaspersky | not-a-virus:HEUR:AdWare.Win32.OutBrowse | 15.0.0.543 |
| McAfee | Program.Adware-OutBrowse.g | 17.6.569.0 |
| Quick Heal | PUA.OutBrowse.A | 6.15.14.00 |
| Reason Heuristics | PUP.Outbrowse.Bundler | 15.6.17.19 |
| Trend Micro House Call | Suspici.43A0F718 | 7.2.169 |
| VIPRE Antivirus | Threat.4150696 | 40830 |

File size:
728.4 KB (745,920 bytes)

Product version:
9580.15612.1235.3875

Copyright:
OGTME

Trademarks:
OGTME

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\kitty powers matchmaker free download pc game.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
6/10/2015 8:00:00 PM

Valid to:
1/27/2016 6:59:59 PM

Subject:
CN=COnfirmED App NlN, O=COnfirmED App NlN, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0FE0A3ED44A65E61842223753DB90106

File PE Metadata
Compilation timestamp:
12/5/2009 5:52:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:TQGPpCjCbL5UefC7De/ShGo4nFTyTU45KHVVuHTC0b/kyNZNLH4fc8vy4h+:EGPEjiL5XfC+6KFTyY4gHPuAiLHd86R

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 1C, 45, 00, E8, F1, 2B, 00, 00, A3, 64, 1B, 45, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 37, 43, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, DB, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, A0, 47, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9761

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file kitty powers matchmaker free download pc game.exe has been seen being distributed by the following URL.