pazera_free_audio_extractor.exe

Pazera Free Audio Extractor

Pazera Jacek

The application pazera_free_audio_extractor.exe, “Pazera Free Audio Extractor Setup ” by Pazera Jacek has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the InstallMonetizer platform which will donwload and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from www.pazera-download.com.
Publisher:
Pazera Jacek   (signed by Pazera Jacek)

Product:
Pazera Free Audio Extractor

Description:
Pazera Free Audio Extractor Setup

MD5:
f34b7a45fbcb1dae640db755ec7fdb51

SHA-1:
d067df94f791fb252ccd02651ef1f65113953a85

SHA-256:
6c072fed5d4f4812fa178cadf1218ccd4a105e164cd024b8adf9b883719c238a

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
11/18/2024 1:29:53 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
ASD.Prevention
2013.12.31

ESET NOD32
Win32/InstallMonetizer.AF
8.9305

Reason Heuristics
PUP.InstallMonetizer.Bundle (M)
16.3.10.15

File size:
3.8 MB (4,021,240 bytes)

Product version:
1.4

Copyright:
Copyright © 2012 Jacek Pazera, http://pazera-software.com

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pazera_free_audio_extractor.exe

Digital Signature
Signed by:

Authority:
Unizeto Technologies S.A.

Valid from:
5/10/2012 8:48:07 AM

Valid to:
5/10/2013 8:48:07 AM

Subject:
E=jacekpazera@wp.pl, CN=Jacek Pazera, O=Pazera Jacek, C=PL

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
3235239474BA72D27A7E6ADD9FD85B75

File PE Metadata
Compilation timestamp:
10/9/2012 10:48:22 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:Yk6yv0axKYh5O+jGFKkTYftkjhXlL/wTXLrF:YeK4FAF2kNXlL+N

Entry address:
0xF3BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 64, ED, 40, 00, E8, E8, 71, FF, FF, 33, C0, 55, 68, 89, FA, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 45, FA, 40, 00, 64, FF, 32, 64, 89, 22, A1, 48, 3B, 41, 00, E8, BE, F7, FF, FF, E8, 65, F3, FF, FF, 8D, 55, EC, 33, C0, E8, F7, C3, FF, FF, 8B, 55, EC, B8, 4C, 66, 41, 00, E8, 6A, 58, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 4C, 66, 41, 00, B2, 01...
 
[+]

Entropy:
7.9916

Developed / compiled with:
Microsoft Visual C++

Code size:
59 KB (60,416 bytes)

The file pazera_free_audio_extractor.exe has been seen being distributed by the following URL.

Remove pazera_free_audio_extractor.exe - Powered by Reason Core Security