top 10 most popular at sourceforge.exe

Fast Download Got

The application top 10 most popular at sourceforge.exe by Fast Download Got has been detected as adware by 21 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from stds1go.mutedownload.com.
Publisher:
Fast Download Got  (signed and verified)

MD5:
36cab229e6f76d06b7af291d1abade86

SHA-1:
502fec2edf55f9e3e38bb77b957940fae8c21c09

SHA-256:
7a28423a5d660cc0cd335f81f238c339cd3610059a0927d01af54c03d730c4ba

Scanner detections:
21 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
12/25/2024 5:19:53 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Outbrowse.1
688

Agnitum Outpost
PUA.OutBrowse
7.1.1

Avira AntiVirus
PUA/Outbrowse.Gen
7.11.218.66

avast!
Malware-gen
2014.9-150318

AVG
Potentially harmful program Downloader
2016.0.3166

Bitdefender
Gen:Variant.Application.Bundler.Outbrowse.1
1.0.20.385

Dr.Web
infected with Trojan.OutBrowse.89
9.0.1.077

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.Outbrowse
8.15.03.18.12

ESET NOD32
Win32/OutBrowse.BU potentially unwanted application
9.7.0.302.0

Fortinet FortiGate
Riskware/OutBrowse
3/18/2015

F-Secure
Riskware.Gen:Application.Heur.fv0@m0W08UcO
5.13.68

G Data
Gen:Variant.Application.Bundler.Outbrowse
15.3.25

K7 AntiVirus
DoS-Trojan
13.194.14968

Malwarebytes
PUP.Optional.OutBrowse.gen
v2015.03.18.12

MicroWorld eScan
Gen:Variant.Application.Bundler.Outbrowse.1
16.0.0.231

NANO AntiVirus
Trojan.Win32.OutBrowse.dmikim
0.30.8.659

Reason Heuristics
PUP.Installer.FastDownloadGot
15.3.18.12

Sophos
PUA 'OutBrowse Revenyou'
5.12

Trend Micro House Call
Suspici.2AB55E13
7.2.77

VIPRE Antivirus
Threat.4150696
36694

File size:
610.9 KB (625,552 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\top 10 most popular at sourceforge.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
1/31/2015 4:00:00 PM

Valid to:
1/27/2016 3:59:59 PM

Subject:
CN=Fast Download Got, O=Fast Download Got, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
7D0DB9C5CB25841E98C41574D40AE1F0

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:VxPyYeBBspMgZmZl3UdK/B19nvrftSAGRgOJPvVYNHQsqyMX5OLe5EC:VxKzBsegZmloKz9jVSAGimPvVYHdMX5r

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9477

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file top 10 most popular at sourceforge.exe has been seen being distributed by the following URL.

Remove top 10 most popular at sourceforge.exe - Powered by Reason Core Security