home

q2nsm4yl.exe

The file q2nsm4yl.exe has been detected as a potentially unwanted program by 2 anti-malware scanners. The file has been seen being downloaded from intva31.desktophome.info.
MD5:
c06aa994ba4014fc2ebb38f169067aee

SHA-1:
08168b55cf5171652ff9e7bc56c2cf875bbd5146

SHA-256:
4c9fd6e09dd0e945f1c9d6c17341c73e79fa441819479686cd065df0e6867753

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 12:21:47 PM UTC  (today)

Scan engine
Detection
Engine version

F-Secure
Variant.Adware.Graftor
5.15.96

Reason Heuristics
Adware.Bundler (M)
16.11.22.9

File size:
125.2 KB (128,166 bytes)

Common path:
C:\users\{user}\appdata\local\temp\q2nsm4yl.exe.part

File PE Metadata
OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
3.0

CTPH (ssdeep):
3072:b3RghyNPIxKUGSEGGhRn/+JMiyppcmSrrTKSPoE:L+0IxKUGSen2Jvyzcb7KSPoE

Entry address:
0x4D830

Code size:
306.1 KB (313,456 bytes)

The file q2nsm4yl.exe has been seen being distributed by the following URL.

http://intva31.desktophome.info/dl-pure/1203367/.../?bc=1203367&checksum=73145027&ephemeral=1&filename=adobe_flash_player.exe&cb=1691315868&hashstring=eygyXtaV9N0O&usefilename=true&executableroutePath=1203655&stub=true

Remove q2nsm4yl.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.