» orange is the new black audiobook torrent download.exe
Overview
Analysis
File Details

orange is the new black audiobook torrent download.exe

Vasiliy Ryabchenko

The application orange is the new black audiobook torrent download.exe, “Installer for StarApp” by Vasiliy Ryabchenko has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Tarma Installer installer.

File name:

Publisher:

StarApp (signed by Vasiliy Ryabchenko)

Product:

StarApp

Description:

Installer for StarApp

Version:

2013.8.14.1907

MD5:

701c0a308ba62ad4dcd117d35f47e7b4

SHA-1:

4afcb49a11e18b48a033d1339294f41e54db2b9e

SHA-256:

a407fed9c85c231e6d01150e9068cc60d51caf0859818aca8931f7ca8d525d8f

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses Web-Pick's 'File Product', an Installer which wraps various products and downloads and installs it silently through the process, hosted on TusFiles.

Analysis date:

11/16/2024 2:58:50 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware (M)

17.3.13.22

File size:

294.3 KB (301,336 bytes)

Product version:

1.0.0.1

Original file name:

TSULoader.exe

File type:

Executable application (Win32 EXE)

Installer:

Tarma Installer

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\orange is the new black audiobook torrent download.exe

Digital Signature

Signed by:

Vasiliy Ryabchenko

Authority:

COMODO CA Limited

Valid from:

7/24/2013 8:00:00 AM

Valid to:

7/25/2014 7:59:59 AM

Subject:

CN=Vasiliy Ryabchenko, O=Vasiliy Ryabchenko, STREET="Panfilova, 21", L=Donets'k, S=Donets'ka, PostalCode=83087, C=UA

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

008778565408D25485A41EFE343A779833

File PE Metadata

Compilation timestamp:

3/12/2013 4:51:45 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x14DB

Entry point:

55, 8B, EC, 81, EC, 2C, 06, 00, 00, 53, 56, 33, DB, 57, 66, 89, 9D, DC, FB, FF, FF, 89, 5D, F4, 89, 5D, FC, FF, 15, 74, 30, 40, 00, A3, 08, 44, 40, 00, FF, 15, 70, 30, 40, 00, 8B, F8, 8D, 45, EC, 50, FF, 15, 6C, 30, 40, 00, FF, 15, 68, 30, 40, 00, 8B, F0, F7, D6, 33, F7, FF, 15, 64, 30, 40, 00, 33, F0, 8B, 45, F0, 33, 45, EC, 68, 04, 01, 00, 00, 33, F0, 8D, 85, D4, F9, FF, FF, 50, 53, FF, 15, 60, 30, 40, 00, 85, C0, 75, 41, FF, 15, 5C, 30, 40, 00, 83, F8, 78, 75, 1A, 68, A8, 32, 40, 00, E8, 43, FB, FF, FF... 
[+]

Entropy:

7.9587

Developed / compiled with:

Microsoft Visual C++

Code size:

7.5 KB (7,680 bytes)

Remove orange is the new black audiobook torrent download.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.