microsoft-office-2013-professional-plus-activator-crack.exe

TINY INSTALLER

Tiny Installer is a download manager variant from Adknowledge that packages various adware-type offers (toolbar, coupon extensions, utilities) with software distributions. The application microsoft-office-2013-professional-plus-activator-crack.exe, “Premium Installer ” by TINY INSTALLER has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Premium Installer   (signed by TINY INSTALLER)

Product:
Premium Installer

Description:
Premium Installer

Version:
2.4.8.1

MD5:
4d3baa8fde056d189436b747a8a41539

SHA-1:
b1875b8a43f0c603a308ddd0a1cd588d8cc2d727

SHA-256:
a980fc59d6f2cf027acbff41626c39c8a8420fcf958b3d4115efdcc14e73e7a6

Scanner detections:
24 / 68

Status:
Adware

Explanation:
The Tiny Installer download manager bundles various adware components.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/23/2024 7:42:17 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.AdWare
7.1.1

AhnLab V3 Security
2014.07.11

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.160.46

avast!
Win32:IBryte-BY [PUP]
140617-1

AVG
Adware Skodna.Generic.ARX
2014.0.3986

Comodo Security
Application.Win32.Adware.iBryte.BJ
18843

Dr.Web
Trojan.Packed.26551
9.0.1.05190

ESET NOD32
Win32/AdWare.iBryte.J.gen application
7.0.302.0

F-Secure
Gen:Variant.Application.Bundler
11.2014-11-07_6

K7 AntiVirus
Adware
13.180.12683

Kaspersky
not-a-virus:AdWare.Win32.iBryte
15.0.0.494

Malwarebytes
v2014.07.11.06

NANO AntiVirus
Riskware.Win32.IBryte.csnqdp
0.28.0.60698

nProtect
Trojan-Clicker/W32.iBryte.2355496
14.07.09.03

Reason Heuristics
PUP.Installer.TINYINSTALLER.x
14.8.8.3

Rising Antivirus
PE:PUF.iBryte!1.9E1A
23.00.65.14709

Vba32 AntiVirus
SScope.Malware-Cryptor.iBryte
3.12.26.3

VIPRE Antivirus
Threat.4778314
31088

Zillya! Antivirus
Adware.iBryte.Win32.708
2.0.0.1855

File size:
2.2 MB (2,355,496 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) 2013 Premium Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\microsoft-office-2013-professional-plus-activator-crack.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/3/2013 3:00:00 AM

Valid to:
6/4/2014 2:59:59 AM

Subject:
CN=TINY INSTALLER, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=TINY INSTALLER, L=Wilmington, S=Delaware, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
54C184C0CB6B6510B3582483FC098463

File PE Metadata
Compilation timestamp:
12/10/2013 8:43:26 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:pK1pcrad3MgIlV0i9zC++EB53x0PiBsLyllxgCzMBdgo:ccrad3Mz15jJxzBsLqfg6

Entry address:
0x539F5

Entry point:
E8, 62, 8C, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 88, 2C, 49, 00, E8, C1, 35, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, D8, 83, 63, 00, 77, 22, 6A, 04, E8, 65, 8E, 00, 00, 59, 83, 65, FC, 00, 56, E8, C7, 9B, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, CD, 35, 00, 00, C3, 6A, 04, E8, 48, 8D, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 83, 3D, 34, 70, 63, 00, 00, 75, 18, E8, 99, 81, 00, 00, 6A, 1E, E8, C1, 7F, 00, 00, 68, FF, 00, 00, 00, E8, D7, 4C, 00, 00, 59, 59, A1...
 
[+]

Entropy:
7.2510

Code size:
510 KB (522,240 bytes)

The file microsoft-office-2013-professional-plus-activator-crack.exe has been seen being distributed by the following 4 URLs.