home

tanya tate casting couch.exe

The application tanya tate casting couch.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from boxesists.info and multiple other hosts.
MD5:
7c22c2b1fee2ad26eb0c8001dfe24392

SHA-1:
5af2a0d8868a903ae10495edaf962307e6e591cd

SHA-256:
5e0b9c329ffc8b7508fe6c43de6519422053dbe29ac14e20883582483cd4ba2b

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
12/28/2024 11:47:19 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.IF
6196279

AhnLab V3 Security
PUP/Win32.MultiPlug
2014.12.20

Avira AntiVirus
ADWARE/MultiPlug.Gen7
7.11.196.210

avast!
Win32:PUP-gen [PUP]
141214-1

AVG
Adware Generic6.EU
2014.0.4235

Bitdefender
Application.Bundler.IF
1.0.20.1765

Comodo Security
Application.Win32.Multiplug.CT
20413

Emsisoft Anti-Malware
Application.Bundler.IF
9.0.0.4668

ESET NOD32
Win32/Adware.MultiPlug.DZ application
7.0.302.0

F-Prot
W32/A-b5918a94
v6.4.7.1.166

F-Secure
Riskware.Application.Bundler.IF
5.13.68

G Data
Application.Bundler.IF
14.12.24

K7 AntiVirus
Unwanted-Program
13.188.14380

Kaspersky
not-a-virus:AdWare.Win32.MultiPlug
15.0.0.543

McAfee
Program.MultiPlug-FTA
16.8.708.2

MicroWorld eScan
Application.Bundler.IF
15.0.0.1059

NANO AntiVirus
Riskware.Win32.MultiPlug.djilsw
0.28.6.64267

Norman
Application.Bundler.IF
04.12.2014 14:30:06

Qihoo 360 Security
Malware.QVM10.Gen
1.0.0.1015

Vba32 AntiVirus
AdWare.MultiPlug
3.12.26.3

Zillya! Antivirus
Adware.MultiPlug.Win32.73570
2.0.0.2009

File size:
976.5 KB (999,936 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\tanya tate casting couch.exe

File PE Metadata
Compilation timestamp:
1/17/2013 1:08:58 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:zl11t01dsh6Iq0/gmN9YQlt/+rEB5evJUVQyTxNJ:zl11t1q0/7YgwrEB0xUV11

Entry address:
0x42737

Entry point:
E8, 20, 39, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 60, 34, 4F, 00, E8, 53, 11, 00, 00, E8, ED, 3A, 00, 00, 0F, B7, F0, 6A, 02, E8, B3, 38, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, C3, 09, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.2659

Code size:
296.5 KB (303,616 bytes)

The file tanya tate casting couch.exe has been seen being distributed by the following 2 URLs.

http://boxesists.info/hp/?q=M dSMZ0C95nXKdefABTW52tQNLdOYgO1x8xLDlm0u/yp1EI8AN/WmTEQtb5f0NSDG3czxQhF8usAiBmzXpDjbTXH6FVG8rEX6Wn5x0sSTIbA0CvI5kX7waBYhERdZynnStv/XE28zCZF012x/.../RV33k WIco50olCP1wpo62FVNnPiMbPd6OH4lDd5nel524fyScJPPEa0Z&external_id=1417049236235721872

http://homela.net/4608cb295db85b8e671778049295450b/diva/dl.php?id=1417049236235721872&r=http://boxesists.info/hp/?q=M dSMZ0C95nXKdefABTW52tQNLdOYgO1x8xLDlm0u/yp1EI8AN/WmTEQtb5f0NSDG3czxQhF8usAiBmzXpDjbTXH6FVG8rEX6Wn5x0sSTIbA0CvI5kX7waBYhERdZynnStv/XE28zCZF012x/.../RV33k WIco50olCP1wpo62FVNnPiMbPd6OH4lDd5nel524fyScJPPEa0Z&__rnd=d1ac5c886194ae77d927e12ab0b889c6

Remove tanya tate casting couch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.