» the elder scrolls online__16833_il96701.exe.gz
Overview
Analysis
File Details
Downloads (9)

the elder scrolls online__16833_il96701.exe.gz

The file the elder scrolls online__16833_il96701.exe.gz has been detected as a potentially unwanted program by 6 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from www.striker5field.info and multiple other hosts.

File name:

MD5:

19e7c279f1c68c3481d91c7845af0be7

SHA-1:

1729a25edb7d96cb3a19d01db4309a3aac9f56e8

SHA-256:

697f4afb15d7689621111672cab1f0bb098c801873afe4df82e092636e0b04e4

Scanner detections:

6 / 68

Status:

Potentially unwanted

Analysis date:

11/16/2024 12:15:54 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/Amonetize.Gen

8.3.2.4

AVG

Generic

2016.0.2894

Dr.Web

infected with Trojan.Amonetize.11548

9.0.1.05190

McAfee

Trojan.Artemis!A9895AB6AB70

18.0.204.0

Panda Antivirus

Trj/Genetic.gen

15.12.15.03

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1077

File size:

615.9 KB (630,678 bytes)

Common path:

C:\users\{user}\downloads\the elder scrolls online__16833_il96701.exe.gz

The file the elder scrolls online__16833_il96701.exe.gz has been seen being distributed by the following 9 URLs.

http://www.striker5field.info/?vn=1.1.5.55&campid=16450&prefix=File&ti1=NDk2OHwxNDM5OTR8MjA5fDExNTIyOXwxNDUwMTgyMDc2fGIxMTViZjA4LTlhNjktNDc2ZC1jN2ZmLTgwMzgzY2Q4ODc5NXwxODIuNTIuMTI0LjU4fGJiYjcyMWE2MTY2Mzc3MTExNTc4ZTQxMDI1ODk3OGVi&appname=File

http://www.screen1book.info/?vn=1.1.5.55&campid=4692&prefix=&ti1=MzM5MHwxNDQ1MDN8MjA5fDExNzI4MnwxNDUwMTc5NjQ1fGE1M2E0ZTM3LTViNDQtNDUzMy1jNTEzLTY0YjU0ZTk5ZGQzZXwxODIuNTMuNjguMjE1fGFiNmMxYzJmMmEzYzZmNTNjZGNiYjM4YjMzYTExOTFh&appname=Setup

http://www.striker5field.info/?vn=1.1.5.55&campid=3150&prefix=Software Adzan For PC Shollu 3.10&appname=Software Adzan For PC Shollu 3.10

http://www.striker5field.info/?vn=1.1.5.55&campid=14973&prefix=Empire Earth Game&appname=Empire Earth Game

http://www.hdmediahub-dd.biz/direct-download.html?version=1.1.5.55&ci=16760&ti1=MTA3MjB8MTYzMDY5fDE5MHw0MDIyNHwxNDUwMTgwODI2fGNiYWJjZDllLTQ2ODQtNDRhMi1jNGU2LTVjZTJlMjg3NzM1Y3w4My4yMDkuMTQ0Ljg5fDczYTI0ZWJjNTZmNWNhZWMwMDU2MWNmZTNmMGUwYTEw

http://www.striker5field.info/?vn=1.1.5.55&campid=13150&prefix=Kj Activator For Windows 8.1 Free Download&ti1=softwarenewco&appname=Kj Activator For Windows 8.1 Free Download

http://www.striker5field.info/?vn=1.1.5.55&campid=14973&prefix=I.g.I 2 Covert Strike Pc Game&appname=I.g.I 2 Covert Strike Pc Game

http://www.striker5field.info/?vn=1.1.5.55&campid=3422&prefix=The Escapists&appname=The Escapists

http://www.striker5field.info/?vn=1.1.5.55&campid=16833&prefix=The Elder Scrolls Online&appname=The Elder Scrolls Online

Remove the elder scrolls online__16833_il96701.exe.gz - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.