security essentials 4.8.204.0.rar.exe

Give away SoFtware

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application security essentials 4.8.204.0.rar.exe by Give away SoFtware has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the OutBrowse Revenyou installer.
Publisher:
VFNMG (signed by Give away SoFtware)

Product:
VFNMG

Version:
1156.15531.1420.6591

MD5:
94a62de6e38245b5dd5124682c482f37

SHA-1:
3e3c1859e6d55b7856e1cf6ba65584f9b31b1e9f

SHA-256:
1ba6b1633b3668b51e1047e82451bf2a0cdb9154074f6fe24e958dcf04e01bcf

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/3/2024 4:59:15 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse (M)

Engine version:
17.1.21.18

File size:
744.3 KB (762,128 bytes)

Product version:
1156.15531.1420.6591

Copyright:
VFNMG

Trademarks:
VFNMG

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\security essentials 4.8.204.0.rar.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
5/28/2015 7:00:00 AM

Valid to:
1/28/2016 6:59:59 AM

Subject:
CN=Give away SoFtware, O=Give away SoFtware, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
42465625194473836755592527927673

File PE Metadata
Compilation timestamp:
12/6/2009 5:52:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 1C, 45, 00, E8, F1, 2B, 00, 00, A3, 64, 1B, 45, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 37, 43, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, DB, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, A0, 47, 00, 50, 57, E8, 92, 28, 00, 00...

Entropy:
7.9839

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)
