samsung galaxy trend user guide provided through pdfretriever.com.exe

SuperInstall

LiveSoftAction

The program uses the Appscion Download and Install manager, an adware distribution bundler from SIEN SA. The setup program includes ad-supported toolbars and utilities. The application samsung galaxy trend user guide provided through pdfretriever.com.exe by LiveSoftAction has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup application that uses the SIEN SuperInstall installer.

Publisher:
Live Soft Action S.R.L.  (signed by LiveSoftAction)

Product:
SuperInstall

Version:
8.48.2.2

MD5:
4fdddcb090c649e8ea63a4b40c69bc73

SHA-1:
2125b2b17b68ea4dbaef35779d48011060d8ce40

SHA-256:
0007867abe3b589ceac834a2fc49c3c6f3c67b7a18be0fcd945b76dfa67eccf3

Scanner detections:
1 / 68

Status:
Adware

Explanation:
This is a modified installer that uses the Appscion Download and Install manager to bundle adware.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/23/2024 2:42:23 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Sien (M)

Engine version:
17.3.15.13

File size:
693.8 KB (710,464 bytes)

Product version:
8.48.2.2

Copyright:
(c) Live Soft Action S.R.L. All rights reserved.

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\downloads\samsung galaxy trend user guide provided through pdfretriever.com.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/13/2013 2:00:00 AM

Valid to:
12/14/2014 1:59:59 AM

Subject:
CN=LiveSoftAction, O=LiveSoftAction, STREET="Str. Dionisie Lupu, Nr. 64-66, Et.", L=Bucharest, S=Bucharest, PostalCode=010458, C=RO

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2CAFD284C3B4147AD3E7601989FCCF42

File PE Metadata
Compilation timestamp:
11/25/2014 3:21:58 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x1A4C30

Entry point:
60, BE, 00, 00, 51, 00, 8D, BE, 00, 10, EF, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 

Entropy:
7.8969

Packer / compiler:
UPX 2.90LZMA

Code size:
596 KB (610,304 bytes)