the elder scrolls online__16833_il96701.exe.gz
The file the elder scrolls online__16833_il96701.exe.gz has been detected as a potentially unwanted program by 6 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from www.striker5field.info and multiple other hosts.
File name:
the elder scrolls online__16833_il96701.exe.gz
MD5:
19e7c279f1c68c3481d91c7845af0be7
SHA-1:
1729a25edb7d96cb3a19d01db4309a3aac9f56e8
SHA-256:
697f4afb15d7689621111672cab1f0bb098c801873afe4df82e092636e0b04e4
Scanner detections:
6 / 68
Status:
Potentially unwanted
Analysis date:
12/29/2024 5:36:27 AM UTC (today)
Scan engine
Detection
Engine version
Avira AntiVirus
ADWARE/Amonetize.Gen
8.3.2.4
Dr.Web
infected with Trojan.Amonetize.11548
9.0.1.05190
McAfee
Trojan.Artemis!A9895AB6AB70
18.0.204.0
Panda Antivirus
Trj/Genetic.gen
15.12.15.03
Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077
File size:
615.9 KB (630,678 bytes)
Common path:
C:\users\{user}\downloads\the elder scrolls online__16833_il96701.exe.gz
The file the elder scrolls online__16833_il96701.exe.gz has been seen being distributed by the following 9 URLs.
http://www.striker5field.info/?vn=1.1.5.55&campid=16450&prefix=File&ti1=NDk2OHwxNDM5OTR8MjA5fDExNTIyOXwxNDUwMTgyMDc2fGIxMTViZjA4LTlhNjktNDc2ZC1jN2ZmLTgwMzgzY2Q4ODc5NXwxODIuNTIuMTI0LjU4fGJiYjcyMWE2MTY2Mzc3MTExNTc4ZTQxMDI1ODk3OGVi&appname=File
http://www.screen1book.info/?vn=1.1.5.55&campid=4692&prefix=&ti1=MzM5MHwxNDQ1MDN8MjA5fDExNzI4MnwxNDUwMTc5NjQ1fGE1M2E0ZTM3LTViNDQtNDUzMy1jNTEzLTY0YjU0ZTk5ZGQzZXwxODIuNTMuNjguMjE1fGFiNmMxYzJmMmEzYzZmNTNjZGNiYjM4YjMzYTExOTFh&appname=Setup