sly cooper- thieves in time.exe

The application sly cooper- thieves in time.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from sagefile.com.
MD5:
d6d758a1f3f3be52d3111a425b7be5f6

SHA-1:
1e24d18fc0ae50e4df458f69447f8fb5571a18ea

SHA-256:
51b6b7dc15dbb21e911843bb4c5a019336d2f80844e07df460c00592f4c1a434

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
12/26/2024 2:34:32 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Solimba.Bundler (M)
16.7.24.2

File size:
562 KB (575,536 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\sly cooper- thieves in time.exe

File PE Metadata
Compilation timestamp:
12/4/2014 1:00:46 PM

OS version:
5.1

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:Yb+tijs1TQZrq2QLuBufr8GRSfTp1MFXVibupsrF6+wt:Yb+tJ1TCr1Eucr8P1MFIb0dt

Entry address:
0xD44C

Entry point:
E8, AF, 6C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, 60, 42, 00, E8, FE, 15, 00, 00, E8, 80, 6E, 00, 00, 0F, B7, F0, 6A, 02, E8, 42, 6C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 0B, 65, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
111 KB (113,664 bytes)

The file sly cooper- thieves in time.exe has been seen being distributed by the following URL.

Remove sly cooper- thieves in time.exe - Powered by Reason Core Security