suburbiagenerator__7934_il2497522.exe

The application suburbiagenerator__7934_il2497522.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. It is a setup program used to install the application. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented depend on the PC's geo-location at the time of install. The file has been seen being downloaded from v4download2.biz and multiple other hosts.

Version: 1.1.5.90
MD5: bc89fc056aa2e71b3942f13b8e16c167
SHA-1: 00e83e1ae4f5bbec06cc2bdafb954053abb92867
SHA-256: 912e88d22c518ae7e41a0cdd575b47ca28f8c7a7df42a1f6e65f50ce3f940339
Scanner detections: 8 / 68
Status: Potentially unwanted
Analysis date: 11/23/2024 5:44:47 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | Adware/Amonetize.fhz | 7.11.177.172 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-141106 |
| AVG | Generic_r | 2015.0.3299 |
| Bkav FE | W32.HfsAutoA | 1.3.0.4959 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 14.0.0.2988 |
| Malwarebytes | PUP.Optional.Amonetize | v2014.11.06.07 |
| McAfee | Artemis!BC89FC056AA2 | 5600.6955 |
| Sophos | Generic PUA AA | 4.98 |

File size: 519.1 KB (531,536 bytes)
Product version: 1.1.5.90
Original file name: setup.exe
File type: Executable application (Win32 EXE)
Language: English (United States)
Common path: C:\users\{user}\downloads\suburbiagenerator__7934_il2497522.exe

File PE Metadata
Compilation timestamp: 10/3/2014 5:04:44 PM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 10.0
CTPH (ssdeep): 12288:9LU3ZYzlewtXF+k9zyBGHeOgcMOWoV8Mb8:uYzleEKBN6MO1V8c8
Entry address: 0x151A91
Entry point: 53, 68, 32, D5, B1, 89, 88, 5C, 24, 04, 88, 34, 24, C7, 44, 24, 04, 4E, 45, 6A, F8, 51, 68, E5, A2, 4B, 01, C7, 44, 24, 08, EE, F9, 13, 0F, 60, 88, 7C, 24, 08, 8D, 64, 24, 28, E9, 69, 25, 00, 00, D2, 7A, E6, 29, 74, C9, 40, FC, 78, E4, 8F, CF, 9F, ED, 6F, F1, 6B, D1, 8B, E1, C6, 2C, AC, ED, 5D, 1B, 7F, 51, 11, F5, 4F, 11, 0D, 73, 75, 50, 6A, 73, 6B, F0, 62, 21, 58, C8, 50, 88, F0, D4, 60, 02, E6, 62, 11, 51, 0B, 2D, 41, 2B, 31, 27, 35, 2F, 2D, 13, 4D, 45, AC, 7C, 1F, 7A, 9A, CE, 4B, 67, DB, 03, CA, AA, 1C...
Entropy: 7.9065 (probably packed)
Code size: 178.5 KB (182,784 bytes)

The file suburbiagenerator__7934_il2497522.exe has been seen being distributed by the following 2 URLs.
