microsoftnetframework563__7934_il5528406.exe

The application microsoftnetframework563__7934_il5528406.exe has been detected as a potentially unwanted program by 6 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from v4downloadpro.com and multiple other hosts.
Version:
1.1.9.73

MD5:
f6a49e9802bbded0deb6ed8ad288e947

SHA-1:
56be5ad6387bd1780f4349a9eadf9a326b1ab400

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:18:50 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Amonetize-BX [PUP]
2014.9-140614

Bkav FE
HW32.CDB
1.3.0.4959

ESET NOD32
Win32/Amonetize.AW (variant)
8.9945

Kaspersky
not-a-virus:AdWare.Win32.Amonetize
14.0.0.3712

Malwarebytes
PUP.Optional.Amonetize
v2014.06.14.03

Trend Micro House Call
Suspicious_GEN.F47V0614
7.2.165

File size:
137 KB (140,288 bytes)

Product version:
1.1.9.73

Original file name:
setup.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

File PE Metadata
OS bitness:
Win64

The file microsoftnetframework563__7934_il5528406.exe has been seen being distributed by the following 2 URLs.

Remove microsoftnetframework563__7934_il5528406.exe - Powered by Reason Core Security