像素海盗+(pixel+piracy)汉化中文破解版v2.5.0.7@132_22916.exe

downloader of lewell

Hefei Lewei Information Technology Co.,Ltd.

The application 像素海盗+(pixel+piracy)汉化中文破解版v2.5.0.7@132_22916.exe by Hefei Lewei Information Technology Co.,Ltd has been detected as a potentially unwanted program by 26 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from xiazai.zol.com.cn.
Publisher:
Hefei Lewei Information Technology Co.,Ltd.

Product:
downloader of lewell

Version:
1.0.2.1

MD5:
bc85996beed010db1725064811c10346

SHA-1:
45293951c7e1602cd4d19e6cad6c95711e644027

SHA-256:
af8d10ab869242a296366a7f952c116d1b927dc9df8c65a1c71f5ab421d37134

Scanner detections:
26 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 8:05:41 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.84 | 290
AegisLab AV Signature | Gen.Variant.Application!c | 2.1.4+
Avira AntiVirus | APPL/Qjwmonkey.cfk | 8.3.3.4
Arcabit | Trojan.Application.Bundler.84 | 1.0.0.672
avast! | Win32:Adware-gen [Adw] | 2014.9-160420
AVG | Generic7 | 2017.0.2768
Baidu Antivirus | Win32.Adware.Qjwmonkey | 4.0.3.16420
Bitdefender | Gen:Variant.Application.Bundler.84 | 1.0.20.555
Bkav FE | W32.HfsAdware | 1.3.0.7744
Comodo Security | ApplicUnwnt | 24841
Dr.Web | Adware.Qjwmonkey.72 | 9.0.1.0111
ESET NOD32 | Win32/Adware.Qjwmonkey (variant) | 10.13361
Fortinet FortiGate | Riskware/Qjwmonkey | 4/20/2016
F-Secure | Gen:Variant.Application.Bundler | 11.2016-20-04_4
G Data | Gen:Variant.Application.Bundler.84 | 16.4.25
IKARUS anti.virus | PUA.Qjwmonkey | t3scan.2.0.9.0
K7 AntiVirus | Adware | 13.222.19355
Kaspersky | not-a-virus:AdWare.Win32.Agent | 14.0.0.334
Malwarebytes | Adware.Qjwmonkey | v2016.04.20.06
McAfee | Artemis!BC85996BEED0 | 5600.6424
MicroWorld eScan | Gen:Variant.Application.Bundler.84 | 17.0.0.333
Panda Antivirus | Trj/CI.A | 16.04.20.06
Rising Antivirus | PE:Malware.Generic(Thunder)!1.A1C4 [F] | 23.00.65.16418
Sophos | QjMonkey (PUA) | 4.98
VIPRE Antivirus | Trojan.Win32.Generic | 48764
Zillya! Antivirus | Adware.Qjwmonkey.Win32.128 | 2.0.0.2798

File size:
757.1 KB (775,256 bytes)

Product version:
1.0.2.1

Original file name:
downloader of lewell

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\像素海盗+(pixel+piracy)汉化中文破解版v2.5.0.7@132_22916.exe

Digital Signature
Authority:
WoSign CA Limited

Valid from:
10/29/2015 2:17:37 PM

Valid to:
10/29/2016 2:17:37 PM

Subject:
CN="Hefei Lewei Information Technology Co.,Ltd.", O="Hefei Lewei Information Technology Co.,Ltd.", L=Hefei, S=Anhui, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
5AB7015B756534ACC678E7DB75D22D97

File PE Metadata
Compilation timestamp:
4/11/2016 3:56:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:wjALnaH0jVZaKwE4BRBq8BZhrnkNUNTtdiYSY:eATB4E4BRBLtrnkNUptdiYSY

Entry address:
0x2136B

Entry point:
E8, C9, B0, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 0C, 57, 33, FF, 85, F6, 74, 1B, 6A, E0, 33, D2, 58, F7, F6, 3B, 45, 10, 73, 0F, E8, 9F, 11, 00, 00, C7, 00, 0C, 00, 00, 00, 33, C0, EB, 3C, 0F, AF, 75, 10, 53, 8B, 5D, 08, 85, DB, 74, 09, 53, E8, EB, 2A, 00, 00, 59, 8B, F8, 56, 53, E8, 05, B2, 00, 00, 8B, D8, 59, 59, 85, DB, 74, 15, 3B, FE, 73, 11, 2B, F7, 8D, 04, 1F, 56, 6A, 00, 50, E8, 0C, 00, 00, 00, 83, C4, 0C, 8B, C3, 5B, 5F, 5E, 5D, C3, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74...
 

Entropy:
6.3262

Code size:
228 KB (233,472 bytes)

The file 像素海盗+(pixel+piracy)汉化中文破解版v2.5.0.7@132_22916.exe has been seen being distributed by the following URL.

http://xiazai.zol.com.cn/down.php?nn=c15a2b0d07f490bd1&softid=426731&subcateid=279&site=10&server=10&rand=2495377&action=downloader