tinydm.exe

Tiny download manager

M417 LTD.

The application tinydm.exe by M417 has been detected as adware by 24 anti-malware scanners. The installer uses the InstallMonetizer platform, which downloads and installs adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from dl.tinydm.com and multiple other hosts.
Publisher:
http://www.tinydm.com/  (signed by M417 LTD.)

Product:
Tiny download manager

Version:
2.3.0.0

MD5:
28f409ee770837ba32d746392cb27352

SHA-1:
c67921f7f6bcef3903d543d8af490746c5964196

SHA-256:
43d6c4116d56af69b2de7a7fb53b7837709324a6c1c66544561f56df5562a961

Scanner detections:
24 / 68

Status:
Adware

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
11/23/2024 10:55:43 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.12948236 | 663 |
| Agnitum Outpost | Trojan.Badur | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Downloader | 2015.04.06 |
| avast! | Win32:Trojan-gen | 2014.9-150413 |
| Baidu Antivirus | Trojan.Win32.Badur | 4.0.3.15413 |
| Bitdefender | Trojan.Generic.12948236 | 1.0.20.515 |
| Clam AntiVirus | Win.Trojan.Badur-68 | 0.98/21511 |
| Comodo Security | UnclassifiedMalware | 21660 |
| Dr.Web | Trojan.DownLoader12.42614 | 9.0.1.0103 |
| Emsisoft Anti-Malware | Trojan.Generic.12948236 | 8.15.04.13.05 |
| F-Secure | Trojan.Generic.12948236 | 11.2015-13-04_2 |
| G Data | Trojan.Generic.12948236 | 15.4.25 |
| IKARUS anti.virus | Trojan.Agent | t3scan.1.8.9.0 |
| K7 AntiVirus | Riskware | 13.202.15489 |
| Kaspersky | Trojan.Win32.Badur | 14.0.0.2199 |
| McAfee | RDN/Generic.tfr!ek | 5600.6797 |
| MicroWorld eScan | Trojan.Generic.12948236 | 16.0.0.309 |
| NANO AntiVirus | Trojan.Win32.Badur.dpgcln | 0.30.8.659 |
| nProtect | Trojan/W32.Badur.1010688.B | 15.04.03.01 |
| Panda Antivirus | Trj/InstallMonetizer.A | 15.03.09.01 |
| Reason Heuristics | PUP.M417 | 15.3.9.13 |
| Vba32 AntiVirus | Trojan.Badur.aaftx | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39082 |
| Zillya! Antivirus | Trojan.Badur.Win32.22108 | 2.0.0.2127 |

File size:
993 KB (1,016,792 bytes)

Product version:
2.3

Copyright:
(c) 2013 All rights reserved

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tinydm.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
8/12/2013 9:14:35 AM

Valid to:
8/12/2015 6:35:02 PM

Subject:
E=INFO@M417LTD.NET, CN=M417 LTD., O=M417 LTD., L=London, S=Greater London, C=GB, Description=Q1G5XvtHln8BTB3V

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0AB5

File PE Metadata
Compilation timestamp:
3/5/2015 8:59:32 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:tt3v3WYu9tEkJT44m/+LkmgYkmxFAXGTdTBOWGm:DWmiA3dYkmcGTdlOWGm

Entry address:
0x83F48

Entry point:
E8, A2, DF, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 56, 8B, 75, 08, 8B, 46, 0C, 8B, C8, 80, E1, 03, 33, DB, 80, F9, 02, 75, 40, A9, 08, 01, 00, 00, 74, 39, 8B, 46, 08, 57, 8B, 3E, 2B, F8, 85, FF, 7E, 2C, 57, 50, 56, E8, EF, D2, 00, 00, 59, 50, E8, 2B, E7, 00, 00, 83, C4, 0C, 3B, C7, 75, 0F, 8B, 46, 0C, 84, C0, 79, 0F, 83, E0, FD, 89, 46, 0C, EB, 07, 83, 4E, 0C, 20, 83, CB, FF, 5F, 8B, 46, 08, 83, 66, 04, 00, 89, 06, 5E, 8B, C3, 5B, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 75, 09, 56...
 

Entropy:
6.4031

Code size:
654.5 KB (670,208 bytes)

The file tinydm.exe has been seen being distributed by the following 2 URLs.
