the elder scrolls online__16833_il96701.exe.gz

The file the elder scrolls online__16833_il96701.exe.gz has been detected as a potentially unwanted program by 6 anti-malware scanners. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented depend on the PC's geolocation at the time of install. The file has been seen being downloaded from www.striker5field.info and multiple other hosts.
MD5: 19e7c279f1c68c3481d91c7845af0be7

SHA-1: 1729a25edb7d96cb3a19d01db4309a3aac9f56e8

SHA-256: 697f4afb15d7689621111672cab1f0bb098c801873afe4df82e092636e0b04e4

Scanner detections: 6 / 68

Status: Potentially unwanted

Analysis date: 12/29/2024 5:36:27 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | ADWARE/Amonetize.Gen | 8.3.2.4 |
| AVG | Generic | 2016.0.2894 |
| Dr.Web | infected with Trojan.Amonetize.11548 | 9.0.1.05190 |
| McAfee | Trojan.Artemis!A9895AB6AB70 | 18.0.204.0 |
| Panda Antivirus | Trj/Genetic.gen | 15.12.15.03 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1077 |

File size: 615.9 KB (630,678 bytes)

Common path: C:\users\{user}\downloads\the elder scrolls online__16833_il96701.exe.gz

The file the elder scrolls online__16833_il96701.exe.gz has been seen being distributed by the following 9 URLs.

http://www.striker5field.info/?vn=1.1.5.55&campid=16450&prefix=File&ti1=NDk2OHwxNDM5OTR8MjA5fDExNTIyOXwxNDUwMTgyMDc2fGIxMTViZjA4LTlhNjktNDc2ZC1jN2ZmLTgwMzgzY2Q4ODc5NXwxODIuNTIuMTI0LjU4fGJiYjcyMWE2MTY2Mzc3MTExNTc4ZTQxMDI1ODk3OGVi&appname=File

http://www.screen1book.info/?vn=1.1.5.55&campid=4692&prefix=&ti1=MzM5MHwxNDQ1MDN8MjA5fDExNzI4MnwxNDUwMTc5NjQ1fGE1M2E0ZTM3LTViNDQtNDUzMy1jNTEzLTY0YjU0ZTk5ZGQzZXwxODIuNTMuNjguMjE1fGFiNmMxYzJmMmEzYzZmNTNjZGNiYjM4YjMzYTExOTFh&appname=Setup