manhattan+skyline+3000+us_10924_i68316928_il345.exe

mingw-get

LLC BUDІMEKS

The application manhattan+skyline+3000+us_10924_i68316928_il345.exe, “MinGW Installation Manager Setup Tool” by LLC BUDІMEKS, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
MinGW.org Project  (signed by LLC BUDІMEKS)

Product:
mingw-get

Description:
MinGW Installation Manager Setup Tool

Version:
0.6.2-beta-20131004-1

MD5:
77ce4b4c5ef29406870a3f0021c797fd

SHA-1:
3f2650da28bb7a78b7960544799b856f50f10c7d

SHA-256:
d7777bd49be415bd48cdc7d1eaa93b44252fa2e638483aeea9630245b6d1088c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 7:42:32 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Amonetize.Bundler (M)

Engine version:
17.2.19.20

File size:
864 KB (884,752 bytes)

Product version:
0.6.2-beta-20131004-1

Copyright:
Copyright © 2009-2013, MinGW.org Project

Original file name:
mingw-get-setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\manhattan+skyline+3000+us_10924_i68316928_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
8/27/2015 1:00:00 AM

Valid to:
8/27/2016 12:59:59 AM

Subject:
CN=LLC BUDІMEKS, O=LLC BUDІMEKS, STREET=Cvitna 34, L=Gorodockey area Galichani vilage, S=Lvovskaja, PostalCode=81523, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E9F1B23ADDECC133378F48EBB20F9E3D

File PE Metadata
Compilation timestamp:
10/7/2015 4:12:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1E7B71

Entry point:
68, AA, 74, 19, 11, E8, C6, 74, F5, FF, B3, 8C, A6, EF, 24, FB, 79, 53, 55, 3A, E7, 75, 05, 67, 58, 77, 2D, 76, FD, 17, 21, 90, B3, 58, E9, E2, B1, 93, 0C, 10, 9F, 06, 38, EF, 6C, 42, 91, CB, 7C, D4, B8, 39, D6, 45, 16, 1B, 96, 17, F0, BC, 40, B2, 7A, 05, 81, 27, 20, 22, A5, AD, E8, 60, AD, 96, 8D, 4E, 1C, 41, FA, 50, B3, C7, A2, 97, BF, 05, 2D, 3D, 0E, AF, 75, 86, 22, ED, 58, 46, 69, F4, 1F, D0, 27, 4C, 4B, 62, F4, 92, 15, 3D, 5A, 6E, 2E, 99, D5, AD, 98, 9C, 03, 0D, 20, 06, 70, E3, 36, 05, 0E, F8, 1F, 33...
 

Entropy:
7.9623  (probably packed)

Code size:
849.5 KB (869,888 bytes)