pratesfacebookhackv1.2passwordsifreseri.exe

Setup

Dey yazilim ve internet hizmetleri san. tic. ltd. sti.

The application pratesfacebookhackv1.2passwordsifreseri.exe by Dey yazilim ve internet hizmetleri san. tic. ltd. sti has been detected as adware by 18 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
HPL  (signed by Dey yazilim ve internet hizmetleri san. tic. ltd. sti.)

Product:
Setup

Description:
HPL Setup

Version:
1.1.2.0

MD5:
7e020efb6e279e03dc93d7bc0a337dd7

SHA-1:
e8e5217d1b0d88e77dc6c2ddedc1157a15c9bd2b

SHA-256:
89cd73c615739bfda5e33c6e331dca802135cd167c1d0f7317b6db179da745e0

Scanner detections:
18 / 68

Status:
Adware

Analysis date:
12/24/2024 12:25:58 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Joedown
7.1.1

AhnLab V3 Security
PUP/Win32.Joedown
2015.05.03

Avira AntiVirus
ADWARE/Joedown.476896.16
3.6.1.96

AVG
Generic
2016.0.3163

Baidu Antivirus
Adware.MSIL.Joedown
4.0.3.15627

Dr.Web
Trojan.KillFiles.18730
9.0.1.080

ESET NOD32
MSIL/Adware.Joedown (variant)
9.11567

Fortinet FortiGate
Adware/Agent
3/21/2015

G Data
Win32.Application.Agent.AP4UPI
15.3.25

herdProtect (fuzzy)
2015.6.27.6

IKARUS anti.virus
not-a-virus:AdWare.MSIL.Agent
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.203.15786

Kaspersky
not-a-virus:AdWare.MSIL.Agent
14.0.0.2312

McAfee
Artemis!99D74B4B0A65
5600.6819

Panda Antivirus
Generic Suspicious
15.03.21.04

Reason Heuristics
PUP.Installer.Amonitize
15.3.21.16

Sophos
Generic PUA LE
4.98

Trend Micro House Call
Suspicious_GEN.F47V0430
7.2.80

File size:
465.2 KB (476,376 bytes)

Product version:
1.1.2.0

Copyright:
HPL

Trademarks:
HPL

Original file name:
HPL.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\pratesfacebookhackv1.2passwordsifreseri.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/12/2014 2:00:00 AM

Valid to:
3/13/2015 1:59:59 AM

Subject:
CN=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., O=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., STREET=kuloglu mah alyon gecidi sok, STREET=beyoglu, L=istanbul, S=istanbul, PostalCode=34433, C=TR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FD3AA42CD883A6D47CC56CDA9837EB85

File PE Metadata
Compilation timestamp:
3/5/2015 10:37:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:jMGsgL7GZOsLa30hTbeS/J1s0ldUmx/bLbYnwch3SjBYU6:j/nGZY09KS/J1sGdUmx/bwnwccO

Entry address:
0x6363E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
390 KB (399,360 bytes)

Remove pratesfacebookhackv1.2passwordsifreseri.exe - Powered by Reason Core Security