home

the sims 4__6183_il33591.exe

AMGRUP LLC

This is the Amonetize download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application the sims 4__6183_il33591.exe by AMGRUP has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
AMGRUP LLC  (signed and verified)

Version:
1.1.5.26

MD5:
2f67e457005168ead9a2dd124dec3d24

SHA-1:
d3f6e7e81e54e23ac10aaa7251e3a239f475c07e

SHA-256:
69e170c1f0c03e62e8fcf51de7b7847ccc081275c8da0795f399f19fcff805f2

Scanner detections:
24 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/10/2025 8:43:18 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2043180
760

Agnitum Outpost
PUA.Amonetize
7.1.1

AhnLab V3 Security
PUP/Win32.Amonetiz
2014.12.27

Avira AntiVirus
TR/Crypt.ZPACK.Gen2
7.11.198.180

AVG
Generic
2015.0.3248

Baidu Antivirus
Adware.Win32.Amonetize
4.0.3.1515

Bitdefender
Trojan.GenericKD.2043180
1.0.20.25

Bkav FE
HW32.Packed
1.3.0.6267

Dr.Web
Trojan.Amonetize.341
9.0.1.0360

Emsisoft Anti-Malware
Trojan.GenericKD.2043180
8.15.01.05.10

ESET NOD32
Win32/Amonetize.CK (variant)
8.10931

F-Secure
Trojan.GenericKD.2043180
11.2015-05-01_2

G Data
Trojan.GenericKD.2043180
15.1.24

IKARUS anti.virus
Trojan.Crypt
t3scan.1.8.5.0

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Generic
14.0.0.2685

Malwarebytes
PUP.Optional.Monetizer
v2015.01.05.10

McAfee
Artemis!2F67E4570051
5600.6904

MicroWorld eScan
Trojan.GenericKD.2043180
16.0.0.15

nProtect
Trojan.GenericKD.2043180
14.12.30.01

Panda Antivirus
Trj/CI.A
15.01.05.10

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.Installer.AMGRUP.Y
14.12.26.19

Sophos
Generic PUA CE
4.98

Trend Micro House Call
Suspicious_GEN.F47V1226
7.2.360

File size:
560.2 KB (573,632 bytes)

Product version:
1.1.5.26

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Amonetize Downloader

Language:
English (United States)

Common path:
C:\users\{user}\downloads\the sims 4__6183_il33591.exe

Digital Signature
Signed by:
AMGRUP LLC

Authority:
Thawte, Inc.

Valid from:
12/2/2014 2:00:00 AM

Valid to:
12/3/2015 1:59:59 AM

Subject:
CN=AMGRUP LLC, O=AMGRUP LLC, L=Kiev, S=Kiev, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7BEE5C2171C644AF5B917C9D0C4DC006

File PE Metadata
Compilation timestamp:
12/20/2014 12:07:19 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:0yxggGN4jY/gORxDqDRyE1lwqRmJOcGTy9GFXM:/xg14jYYODqr1lwqRmJnHGFXM

Entry address:
0xAF83

Entry point:
E8, 21, 3E, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, C4, 5B, 39, 00, FF, 15, A4, E0, 38, 00, 85, C0, 75, 18, 56, E8, 57, 2D, 00, 00, 8B, F0, FF, 15, 84, E0, 38, 00, 50, E8, 07, 2D, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, C1, ED, FF, FF, C7, 06, C0, EB, 38, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, C0, EB, 38, 00, E9, 05, EE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, C0, EB, 38, 00, E8, F2, ED, FF, FF...
 
[+]

Code size:
115.5 KB (118,272 bytes)

The file the sims 4__6183_il33591.exe has been seen being distributed by the following 3 URLs.

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Fifa 15 Key Generator Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1550666637.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Fifa 15 Key Generator Downloader&instid[interrupted]=http://.../?cancel&ti1=1550666637&instid[thankyoupage]=http://.../?success

http://www.coneflower-download.com/pdownload.php?version=1.1.5.26&campid=8680&instid[appimageurl]=http://appscoring.com/.../cloudl.png&instid[appsetupurl]=.&prefix=Setup&instid[appname]=File Extractor&ti1=MR5&ti2=&ti3=

http://www.slow-download.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Brothers And Sisters Season 1 2 3 4 5 Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1258257541.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Brothers And Sisters Season 1 Downloader&instid[interrupted]=http://.../?cancel&ti1=1258257541&instid[thankyoupage]=http://.../?success

Remove the sims 4__6183_il33591.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.