tg_downloader_pour_borland-c-compiler.exe

telecharger-gratuit Download Manager

MY-IWEB

The application tg_downloader_pour_borland-c-compiler.exe by MY-IWEB has been detected as adware by 2 anti-malware scanners. It is a setup program used to install the application. It uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. The file has been seen downloaded from telecharger-gratuit.com.
Publisher:
MyIweb Tunisia  (signed by MY-IWEB)

Product:
telecharger-gratuit Download Manager

Version:
1.0.0.0

MD5:
ec17d603f0292a42c861643691630f99

SHA-1:
3b61165a8ecd8d559c4e4edd89705f6d4d29c97b

SHA-256:
6e7c04917d58641e7fa77eda0234c8e8be3dde32688b856417819f9b94a4dc29

Scanner detections:
2 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/5/2024 8:06:10 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.MYIWEB.f | 14.9.29.12
VIPRE Antivirus | InstallCore | 30310

File size:
935.6 KB (958,064 bytes)

Product version:
1.0.0.0

Copyright:
C-2011:Tout droit réservé à MyIweb

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\users\{user}\downloads\programs\tg_downloader_pour_borland-c-compiler.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/27/2012 2:45:34 PM

Valid to:
8/24/2013 12:44:11 PM

Subject:
E=rcq@myiweb.com, CN=MY-IWEB, O=MY-IWEB, C=TN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112105FC283045682E64FBFCB571350E3BD9

File PE Metadata
Compilation timestamp:
10/19/2012 4:46:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:9NBWZh8hvRf5J0KEG7E0qkf60TAib8EsfYRq6I:9NBYSxZ5JJEG40qkfTMRn6I

Entry address:
0x333BB0

Entry point:
60, BE, 00, 20, 66, 00, 8D, BE, 00, F0, D9, FF, C7, 87, F4, C9, 27, 00, 09, 91, D1, D4, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 91, 18, 33, 00, 57, 83, C3, 04, 53, 68, A8, 1B, 0D, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 

Code size:
844 KB (864,256 bytes)

The file tg_downloader_pour_borland-c-compiler.exe has been seen being distributed by the following URL.
