silent hill 5 pc_10924_i5168965_il345.exe

TECHNOINOX LTD

This is the Amonetize download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application silent hill 5 pc_10924_i5168965_il345.exe by TECHNOINOX has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
TECHNOINOX LTD  (signed and verified)

MD5:
962921eafccb59804376cb48e04dd87a

SHA-1:
c498e812955128aa1fe010ffc345258f12753d41

SHA-256:
fdaca600ec6d5dce92ab84243b5f683b4c6d75545a5da7ea3ecf10c3bc94f522

Scanner detections:
17 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/16/2024 9:59:41 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.Amonetize | 7.1.1 |
| Avira AntiVirus | Adware/AgentCV.A.119 | 7.11.205.78 |
| AVG | Generic | 2016.0.3217 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Clam AntiVirus | Win.Adware.Amonetize-511 | 0.98/19980 |
| Dr.Web | Trojan.Amonetize.329 | 9.0.1.05190 |
| ESET NOD32 | Win32/Amonetize.CW potentially unwanted application | 7.0.302.0 |
| G Data | NSIS.Application.Crypted | 15.1.25 |
| K7 AntiVirus | Unwanted-Program | 13.192.14761 |
| Kaspersky | not-a-virus:HEUR:AdWare.Win32.Amonetize | 14.0.0.2581 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.01.26.06 |
| McAfee | Artemis!8F00B3F9F161 | 5600.6873 |
| NANO AntiVirus | Trojan.Win32.Amonetize.dmnxbx | 0.30.0.64812 |
| Reason Heuristics | PUP.Amonetize | 15.1.26.14 |
| Trend Micro House Call | TROJ_GE.28D9CDA2 | 7.2.26 |
| Trend Micro | TROJ_GE.28D9CDA2 | 10.465.26 |
| VIPRE Antivirus | Threat.4150696 | 36694 |

File size:
303.4 KB (310,712 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Amonetize Downloader (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\silent hill 5 pc_10924_i5168965_il345.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
11/9/2014 7:00:00 PM

Valid to:
11/10/2015 6:59:59 PM

Subject:
CN=TECHNOINOX LTD, O=TECHNOINOX LTD, L=Novomoskovsk, S=Novomoskovsk, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
289382C761C954AB4B4868F20770B328

File PE Metadata
Compilation timestamp:
10/7/2014 12:40:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:XGC7W7BU5HcMqKGqcUz9Pb/fNkCIssJzywSzXpXbsffOT:Na7gTqKGqP9D/fksICd9T

Entry address:
0x322E

Entry point:
81, EC, D8, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 14, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 09, A3, 78, 4F, 43, 00, E8, FD, 2E, 00, 00, A3, C4, 4E, 43, 00, 55, 8D, 44, 24, 38, 68, B4, 02, 00, 00, 50, 55, 68, D8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, C0, 3E, 43, 00, E8, 68, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, 56, 2B, 00, 00...
 

Entropy:
7.9240

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

The file silent hill 5 pc_10924_i5168965_il345.exe has been seen being distributed by the following URL.
