tigersavings.exe
Tiger Savings
Innovative Apps
This is part of a distribution package that is classified as adware distributed by 50onRed. This adware is used to interact with the installed web browsers and inject ads and modify the default search and homepages. The application tigersavings.exe, “Tiger Savings Installer” by Innovative Apps has been detected as adware by 7 anti-malware scanners. This web browser addon will display additional advertisements in the user's browser including popup, banner, contextual hyperlinks as well as affiliate links.
File name:
tigersavings.exe
Publisher:
215 Apps (signed by Innovative Apps)
Description:
Tiger Savings Installer
MD5:
a321d779ed43d50523bc8cdb84307f28
SHA-1:
dfd433e56a05b0f07436af949cf508a012833fd7
SHA-256:
60fde49bd7d38da8e0af1654cdcc63b790ebbf37d6eb79157e386c4a6ea2f4eb
Scanner detections:
7 / 68
Explanation:
Browser extension that injects additional advertisements (banner and text links) on web pages.
Analysis date:
12/25/2024 1:39:05 PM UTC (today)
Scan engine
Detection
Engine version
avast!
Win32:Installer-M [Adw]
2014.9-130803
Boost by Reason
Trojan.Adw.Installer.InnovativeApps.M
2013.8.3.17
Dr.Web
Adware.Downware.1054
9.0.1.0215
ESET NOD32
Win32/Packed.ScrambleWrapper
7.8727
Reason Heuristics
PUP.Installer.InnovativeApps.M
14.8.7.17
Trend Micro House Call
TROJ_GEN.F47V0405
7.2.215
VIPRE Antivirus
GamePlayLabs
20878
File size:
3.2 MB (3,324,904 bytes)
Copyright:
Copyright 215 Apps
File type:
Executable application (Win32 EXE)
Language:
English (United States)
Common path:
C:\users\{user}\downloads\tigersavings.exe
Valid from:
1/8/2013 4:00:00 PM
Valid to:
1/9/2014 3:59:59 PM
Subject:
CN=Innovative Apps, O=Innovative Apps, L=Philadelphia, S=Pennsylvania, C=US
Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
Serial number:
5419E32FDAD7A6E5666A35066C5EAAC5
Compilation timestamp:
1/5/2010 4:09:32 AM
CTPH (ssdeep):
98304:VYmyTUPpJIstjpwAeYm7Bobs/oIC1E78wfO:VYmy4PpJndwAeYEQDT
Code size:
33 KB (33,792 bytes)
The file tigersavings.exe has been seen being distributed by the following URL.