» savo radusinovic - 1990 - biljana, ljubavi jedina.exe
Overview
Analysis
File Details
Downloads (1)

savo radusinovic - 1990 - biljana, ljubavi jedina.exe

Calophyllum Acetic

Minx Animal

The application savo radusinovic - 1990 - biljana, ljubavi jedina.exe has been detected as a potentially unwanted program by 17 anti-malware scanners. This is a setup program which is used to install the application. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from newspapersons.biz.

File name:

Publisher:

Minx Animal

Product:

Calophyllum Acetic

Description:

Later Or

Version:

4.8.3.9

MD5:

dd6284819738f246d7f9b620aa722ac4

SHA-1:

5e430cf38e547504743c1233b6e6870cb3070cf3

SHA-256:

660da9ce4580b1e76214b3450a9d0937bac8c19929084187863f275a5a1f57ab

Scanner detections:

17 / 68

Status:

Potentially unwanted

Analysis date:

9/21/2024 2:18:26 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Bundler.DB

876

AhnLab V3 Security

Trojan/Win32.Downloader

2014.09.13

Avira AntiVirus

TR/Crypt.XPACK.Gen

7.11.30.172

AVG

Generic5

2015.0.3354

Bitdefender

Application.Bundler.DB

1.0.20.1275

ESET NOD32

Win32/AdWare.MultiPlug.CN (variant)

8.10408

F-Secure

Application.Bundler.DB

11.2014-12-09_6

G Data

Application.Bundler.DB

14.9.24

K7 AntiVirus

Unwanted-Program

13.183.13358

Malwarebytes

PUP.Optional.MultiPlug

v2014.09.12.11

McAfee

MultiPlug

5600.7010

MicroWorld eScan

Application.Bundler.DB

15.0.0.765

nProtect

Trojan.Downloader.JRBO

14.09.11.01

Panda Antivirus

PUP/TSUploader

14.09.14.01

Qihoo 360 Security

Malware.QVM10.Gen

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.14.1

Sophos

MultiPlug

4.98

File size:

833 KB (852,992 bytes)

Product version:

0.8.4.6

Original file name:

Savo Radusinovic - 1990 - Biljana, ljuba.exe

File type:

Executable application (Win32 EXE)

Language:

engleski (Ujedinjeno Kraljevstvo)

Common path:

C:\users\{user}\downloads\savo radusinovic - 1990 - biljana, ljubavi jedina.exe

File PE Metadata

Compilation timestamp:

12/15/2012 6:29:57 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:0njw6T2BYzKd0D8XGxsufGVPnoDAA2rjJZZpG/L8HipNV:0nvtzD8WquOJA2r9Zg4C3V

Entry address:

0x18910

Entry point:

E8, 78, 48, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, C4, 43, 00, E8, 6A, 0D, 00, 00, E8, 45, 4A, 00, 00, 0F, B7, F0, 6A, 02, E8, 0B, 48, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, D5, 06, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

7.8512 (probably packed)

Code size:

130.5 KB (133,632 bytes)

The file savo radusinovic - 1990 - biljana, ljubavi jedina.exe has been seen being distributed by the following URL.

http://newspapersons.biz/v2485/lp/?q=yYHk0IwnUOtgL45678U4R4tIPvdMvm7pRwqUzLQWeKw0NXDY2UhqvPVGQvFy34bfYTOf8NqvCO/48jpNMk8P39j 7oTWj nUjl6KBzWRqhcYXHpBxIdw/vRXUmBT/uOpsIk6qxZv uUS8oz5je4wuOjs3sB0D5lcdNtGznyD5sJS0VNMJekOuaBQqnQKkTsrtWBzjnoC3L bks0ejhQIpnwi8K xZGxoW9rwo9wjG6OMIFS0JUVdjR1kGJQNqJ9VaClKAcMOUWntDao/7vWMqrINCMkA82d0MovrdyeweqBDGyAI2YKk6gkgVi3JYfBo32IVnSDoQOOv D/.../uMb1d f&external_id=1410372813251738378

Remove savo radusinovic - 1990 - biljana, ljubavi jedina.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.