manga studio ex 5 0 2 windows keyge....exe

File

SaFe install OPT

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application manga studio ex 5 0 2 windows keyge....exe by SaFe install OPT has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the OutBrowse Revenyou installer. The file has been seen being downloaded from get.0122e.info.
Publisher:
SaFe install OPT  (signed and verified)

Product:
File

Version:
1.9.3.0

MD5:
172dfbda07e34a539cc30b380652799f

SHA-1:
37bdbb2f273ce77aa4faf23c54a39498b115dbdc

SHA-256:
a855f134c86a4b138903125e147bf7d61500d02da4ab890277ca32de43f62114

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature, this is not set by default and is usually overlooked.

Analysis date:
12/24/2024 2:17:01 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse.SaFeinstallOPT (M)

Engine version:
16.2.20.9

File size:
1 MB (1,091,648 bytes)

Product version:
1.9.3.0

Copyright:
File

Original file name:
Ionic.Zip-2015Apr23-052904-24efe580-8e05-4717-9573-28c2311c442a.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou

Common path:
C:\users\{user}\downloads\manga studio ex 5 0 2 windows keyge....exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
4/20/2015 7:00:00 PM

Valid to:
1/27/2016 6:59:59 PM

Subject:
CN=SaFe install OPT, O=SaFe install OPT, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
234B90B3CEA9DDF3A22FA56FE435E852

File PE Metadata
Compilation timestamp:
4/23/2015 12:29:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:IbSaE4mvt/lYHJE8S6y6VjewEQT4+rwq3aS9zBL:IbSv4mvvYBy6Uwz4+rwRS99L

Entry address:
0x75F3E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
7.5431

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
464 KB (475,136 bytes)

The file manga studio ex 5 0 2 windows keyge....exe has been seen being distributed by the following URL.
