racing game for window xp_10924_i44000172_il345.exe

Runner Utility

BERSHNET LLC

The application racing game for window xp_10924_i44000172_il345.exe by BERSHNET has been detected as adware by 20 anti-malware scanners. This is a setup program used to install the application. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install. The file has been seen being downloaded from files.red-1-small-button.com.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
7618ce9e66f65cf76f9fd3f3692e27b2

SHA-1:
5adc5fd0c97be9ad90a4836c260ab99589bac8ef

SHA-256:
c20e422737d0acd7877b6dfd61ad0e74935e0741ba686a6123a6f5856ad61b53

Scanner detections:
20 / 68

Status:
Adware

Analysis date:
11/28/2024 2:54:05 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Mikey.8247 | 689 |
| AhnLab V3 Security | Trojan/Win32.LoadMoney | 2015.03.16 |
| Avira AntiVirus | ADWARE/Adware.Gen7 | 7.11.217.124 |
| AVG | Generic | 2016.0.3167 |
| Bitdefender | Gen:Variant.Adware.Mikey.8247 | 1.0.20.380 |
| Comodo Security | Application.Win32.LoadMoney.IARS | 21424 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Mikey.8247 | 8.15.03.17.01 |
| ESET NOD32 | Win32/Amonetize.DW potentially unwanted (variant) | 9.11324 |
| Fortinet FortiGate | Riskware/Agent | 3/17/2015 |
| F-Prot | W32/S-40484255 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.Mikey | 11.2015-17-03_3 |
| G Data | Gen:Variant.Adware.Mikey.8247 | 15.3.25 |
| K7 AntiVirus | Unwanted-Program | 13.200.15263 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.2332 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.03.17.01 |
| MicroWorld eScan | Gen:Variant.Adware.Mikey.8247 | 16.0.0.228 |
| Panda Antivirus | Trj/Genetic.gen | 15.03.17.01 |
| Qihoo 360 Security | HEUR/QVM16.0.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.BERSHNET | 15.3.17.13 |
| VIPRE Antivirus | Amonetize | 38454 |

File size:
1.4 MB (1,482,256 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/6/2015 2:00:00 AM

Valid to:
2/7/2016 1:59:59 AM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
3/15/2015 1:23:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:GyA3Ceu9rMU1BGe4fSfwpnIt4s51L7T4y9yoZ/mCLPYe7ixhnM1nTz2J5vJMV0Br:G4MukTKfCI/5HhZ/f7Rqa1nElySGyl/

Entry address:
0x3B7CD2

Entry point:
E9, 44, 61, 00, 00, E8, 59, 5A, EA, FF, 00, 00, 4C, 6F, 63, 61, 6C, 46, 72, 65, 65, 00, 60, E9, 16, 5C, EA, FF, E9, E5, 0C, FF, FF, E8, 1D, 65, 00, 00, E9, 0E, 8A, EA, FF, 66, 87, 03, E8, 7B, A1, FF, FF, C8, 3F, FC, 3D, F9, 83, 42, 72, 2A, B5, 47, 32, 0F, 4F, ED, C3, 62, A0, 7F, 86, A4, F5, B5, D0, 16, 34, 76, 03, A7, DE, D8, 92, 11, 90, 12, B5, F3, 0B, A8, 2D, 0C, C0, 6E, ED, 5D, 13, 2C, F6, A1, B3, B4, 71, 90, B6, A6, 5A, 62, BC, F1, 40, 18, B9, A9, D2, 95, B6, E6, 5C, DD, 18, 1A, 1F, 41, 92, DE, EA, E2...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
187.5 KB (192,000 bytes)

The file racing game for window xp_10924_i44000172_il345.exe has been seen being distributed by the following URL.