» taskmgr.exe
Overview
Analysis
File Details
Downloads (1)

taskmgr.exe

The application taskmgr.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. This is a setup program which is used to install the application. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse) which bundles additional software offers inclduing toolbars, extensions, PC utilities as well as other PUPs. The file has been seen being downloaded from lp5.bongacams24.com.

File name:

taskmgr.exe

MD5:

3643575dc2ee460f2ac895b91fb00cf5

SHA-1:

23fac5aa3ba627ff808d60870eee3722b4d3db82

SHA-256:

c51448661dad2b228521ca3163e419f3ad47dac61dd19ba650d4eab1c58c21c6

Scanner detections:

5 / 68

Status:

Potentially unwanted

Explanation:

Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:

11/15/2024 11:31:42 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

AegisLab AV Signature

DangerousObject.Multi.Gen

2.1.4+

AVG

Generic36

2017.0.2826

Dr.Web

Trojan.Siggen6.55013

9.0.1.05190

Reason Heuristics

Trojan.Downloader (M)

16.7.30.11

Zillya! Antivirus

Adware.OutBrowse.Win32.80053

2.0.0.2673

File size:

71.5 KB (73,216 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\taskmgr.exe

File PE Metadata

Compilation timestamp:

8/9/2015 12:09:22 PM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

2.50

CTPH (ssdeep):

1536:ERbGqZFpX2/DI0EimRkN8hwkbWjNdGz7h9i3:ERb0/DI/tRkN8GtpdG/h9i3

Entry address:

0x1000

Entry point:

48, 83, EC, 28, 49, C7, C0, F8, 01, 00, 00, 48, 31, D2, 48, B9, D4, 48, 01, 40, 01, 00, 00, 00, E8, E3, 3F, 00, 00, 48, 31, C9, E8, E7, 3F, 00, 00, 48, 89, 05, B0, 38, 01, 00, 4D, 31, C0, 48, C7, C2, 00, 10, 00, 00, 48, 31, C9, E8, D4, 3F, 00, 00, 48, 89, 05, 8F, 38, 01, 00, E8, B6, D5, 00, 00, E8, 01, D4, 00, 00, E8, 6C, B1, 00, 00, E8, 6B, A9, 00, 00, E8, 22, 9F, 00, 00, E8, A1, 9A, 00, 00, E8, 98, 98, 00, 00, E8, BF, 96, 00, 00, E8, 26, 96, 00, 00, E8, 89, 7F, 00, 00, E8, CC, 6B, 00, 00, E8, D3, 57, 00... 
[+]

Code size:

54.5 KB (55,808 bytes)

The file taskmgr.exe has been seen being distributed by the following URL.

http://lp5.bongacams24.com/taskmgr.exe

Remove taskmgr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.