time saver standards for housing and residential.exe

File

Safe downloAD GtL

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application time saver standards for housing and residential.exe by Safe downloAD GtL has been detected as adware by 18 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from get.0107design.info.
Publisher:
Safe downloAD GtL  (signed and verified)

Product:
File

Version:
1.9.3.0

MD5:
b3b0d172ec53cfd9ecf8613850f4bb55

SHA-1:
50f53ee98f5ae97d1b47c34a84f38b0ad013e06a

SHA-256:
8a79d1b0de68d15256abf8ca668f5ffb11a5096c8e047fa0cdc80696c0e7cc3d

Scanner detections:
18 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
12/24/2024 3:44:15 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.Outbrowse.BA
5774621

AhnLab V3 Security
PUP/Win32.OutBrowse
2015.04.29

Avira AntiVirus
PUA/Outbrowse.Gen
3.6.1.96

AVG
Downloader
2016.0.3125

Bitdefender
Application.Bundler.Outbrowse.BA
1.0.20.595

Emsisoft Anti-Malware
Application.Bundler.Outbrowse.BA
9.0.0.4799

ESET NOD32
Win32/OutBrowse.BU potentially unwanted
9.11548

Fortinet FortiGate
Riskware/OutBrowse
4/29/2015

F-Secure
Application.Bundler.Outbrowse
11.2015-29-04_4

G Data
Application.Bundler.Outbrowse.BA
15.4.25

MicroWorld eScan
Application.Bundler.Outbrowse.BA
16.0.0.357

NANO AntiVirus
Trojan.Win32.OutBrowse.dpuzhb
0.30.24.1357

Qihoo 360 Security
HEUR/QVM30.1.Malware.Gen
1.0.0.1015

Quick Heal
Adware.NSIS.OutBrowse.A
4.15.14.00

Reason Heuristics
Threat.Outbrowse.Bundler
15.4.28.21

Sophos
Generic PUA EB
4.98

Trend Micro House Call
Suspici.FCDBA93D
7.2.119

VIPRE Antivirus
Threat.5085447
39676

File size:
1 MB (1,100,368 bytes)

Product version:
1.9.3.0

Copyright:
File

Original file name:
Ionic.Zip-2015Apr28-221708-0884b682-c3d7-4082-bf52-910c06c5d927.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\time saver standards for housing and residential.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
4/25/2015 6:00:00 PM

Valid to:
1/27/2016 4:59:59 PM

Subject:
CN=Safe downloAD GtL, O=Safe downloAD GtL, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
47060CFBBA05D107A00164DDE855953A

File PE Metadata
Compilation timestamp:
4/28/2015 4:17:09 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:EbSaE4mvt/mk9hR/hh5sj2oytwwL1RY9m6VDL57:EbSv4mv4yhR3+ioaX1q95Vl

Entry address:
0x75F3E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.5472

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
464 KB (475,136 bytes)

The file time saver standards for housing and residential.exe has been seen being distributed by the following URL.