home

noivasmp3 sim eu quero padre jonas abib_10924_i48920640_il345.exe

Runner Utility

BERSHNET LLC

The application noivasmp3 sim eu quero padre jonas abib_10924_i48920640_il345.exe by BERSHNET has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
41f8c539e1de754059a56f35e4d96e60

SHA-1:
e9ab29fb4970f6c2b76592db2b2baee539fdf4e6

SHA-256:
da947760b3fcc3b6380d3a5457bfe048638d7e042fc4d7dd4eff6d6e37fc4539

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 10:48:24 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonitize (M)
17.3.15.0

File size:
1.4 MB (1,515,536 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\noivasmp3 sim eu quero padre jonas abib_10924_i48920640_il345.exe

Digital Signature
Signed by:
BERSHNET LLC

Authority:
COMODO CA Limited

Valid from:
2/5/2015 10:00:00 PM

Valid to:
2/6/2016 9:59:59 PM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
4/2/2015 12:23:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x26F2A2

Entry point:
E8, 01, DA, FF, FF, C1, E8, 05, E8, E2, E4, FF, FF, E9, 4E, 53, 16, 00, AA, 4E, 51, BD, 43, 3F, 44, 08, 4E, B4, 5A, A0, 42, 87, 76, 1B, 4A, 2E, 0E, 93, E6, 0C, CA, 30, D4, DA, DC, A0, BC, 81, 9D, 21, 67, 26, 5D, 02, B4, AA, AF, 38, 3D, 12, 77, D0, 15, 8F, A7, 3F, 03, 88, B9, E1, 2D, 5C, 00, 9C, B0, CF, EB, E7, C2, 0C, 3B, 80, 14, 94, 63, D4, 5F, 64, 15, C1, C6, 93, B6, 7E, 6A, 2E, 88, AA, AF, 8F, 91, 55, 7B, B3, AF, 73, 97, 5B, 5A, 75, 69, 6E, CC, D8, 9C, 07, 24, 38, 64, C2, 6C, 9E, 53, B5, 59, 50, 8E, B3...
 
[+]

Code size:
187.5 KB (192,000 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.