tg_downloader_pour_money-2007-deluxe.exe

telecharger-gratuit Download Manager

MY-IWEB

The application tg_downloader_pour_money-2007-deluxe.exe by MY-IWEB has been detected as adware by 2 anti-malware scanners. This is a setup program which is used to install the application. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from telecharger-gratuit.com and multiple other hosts.
Publisher:
MyIweb Tunisia  (signed by MY-IWEB)

Product:
telecharger-gratuit Download Manager

Version:
1.0.0.0

MD5:
902d8bfd0765456937b4559e5e06295e

SHA-1:
9ba202935f7e620b92f6c36992c4c7941243f448

SHA-256:
d6c42fe472817fb7fcb4ee5665d4f133d4f088b9772626645f6226e6b38485ed

Scanner detections:
2 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/5/2024 8:01:10 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MYIWEB.e
14.8.10.11

VIPRE Antivirus
InstallCore
29194

File size:
1004.6 KB (1,028,720 bytes)

Product version:
1.0.0.0

Copyright:
C-2011:Tout droit réservé à MyIweb

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\users\{user}\downloads\tg_downloader_pour_money-2007-deluxe.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
8/27/2012 3:45:34 PM

Valid to:
8/24/2013 1:44:11 PM

Subject:
E=rcq@myiweb.com, CN=MY-IWEB, O=MY-IWEB, C=TN

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112105FC283045682E64FBFCB571350E3BD9

File PE Metadata
Compilation timestamp:
2/25/2013 4:28:35 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:4ToNGWv7jRe2Nv5acwhywuPZpsEEE+7SX8cXR3nzzakv/ZGtHIZ:vv70av5Bw0P9cchHjXZGs

Entry address:
0x35ECB0

Entry point:
60, BE, 00, E0, 66, 00, 8D, BE, 00, 30, D9, FF, C7, 87, F4, F9, 2A, 00, 36, 16, 2D, 7B, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 11, C9, 35, 00, 57, 83, C3, 04, 53, 68, A2, 0C, 0F, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Code size:
968 KB (991,232 bytes)

The file tg_downloader_pour_money-2007-deluxe.exe has been seen being distributed by the following 5 URLs.

Remove tg_downloader_pour_money-2007-deluxe.exe - Powered by Reason Core Security