total commander 8.50 portable keys, serial number plus crack full download__10924_i1536436517_il1551

LLC DE PROEKT

This is the Amonetize download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The file total commander 8.50 portable keys, serial number plus crack full download__10924_i1536436517_il1551 by LLC DE PROEKT has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
LLC DE PROEKT  (signed and verified)

Version:
1.1.8.22

MD5:
37785efad113afaaaeec8fa995ed680c

SHA-1:
beb913b856cdd54d7ddc565357342aeb36273a69

SHA-256:
3d88bf7d174d8544fa8dbe5487990d485d12746935053e3e1100a1f4ee57d981

Scanner detections:
24 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/16/2024 3:51:45 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Bundler.Amonetize.BA | 5743552 |
| Agnitum Outpost | PUA.Amonetize | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Amonetize | 2015.06.18 |
| Avira AntiVirus | ADWARE/Amonetize.635408.4 | 8.3.1.6 |
| Arcabit | Application.Bundler.Amonetize.BA | 1.0.0.425 |
| avast! | Win32:PUP-gen [PUP] | 2014.9-150617 |
| AVG | BundleApp | 2016.0.3075 |
| Bitdefender | Application.Bundler.Amonetize.BA | 1.0.20.840 |
| Dr.Web | Trojan.Amonetize.3647 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Application.Bundler.Amonetize.BA | 10.0.0.5366 |
| ESET NOD32 | Win32/Amonetize.FC potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/Amonetize | 6/17/2015 |
| F-Secure | Riskware.Application.Bundler.Amonetize | 5.14.151 |
| G Data | Application.Bundler.Amonetize.BA | 15.6.25 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 15.0.0.543 |
| Malwarebytes | PUP.Optional.Bundle | v2015.06.17.05 |
| MicroWorld eScan | Application.Bundler.Amonetize.BA | 16.0.0.504 |
| NANO AntiVirus | Riskware.Win32.Amonetize.dsucco | 0.30.24.2086 |
| Norman | Application.Bundler.Amonetize.BA | 02.06.2015 14:23:46 |
| Panda Antivirus | Trj/Genetic.gen | 15.06.17.05 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.Installer.DEPROEKT | 15.6.17.17 |
| VIPRE Antivirus | Threat.4150696 | 40786 |
| Zillya! Antivirus | Adware.Amonetize.Win32.4105 | 2.0.0.2231 |

File size:
620.5 KB (635,408 bytes)

Product version:
1.1.8.22

Original file name:
setup.exe

Bundler/Installer:
Amonetize Downloader

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\total commander 8.50 portable keys, serial number plus crack full download__10924_i1536436517_il1551335.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/6/2015 2:00:00 AM

Valid to:
5/6/2016 1:59:59 AM

Subject:
CN=LLC DE PROEKT, O=LLC DE PROEKT, STREET="str. Petropavlovska, 3", L=Simferopol, S=AR Krym, PostalCode=95000, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2D675A924C3DAB51C8060B92453C4912

File PE Metadata
Compilation timestamp:
6/12/2015 9:26:41 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:756qoohtlr8iVKEhn+SM/Tayb4mXJhtaHOQUr0JNmu1facYl7:HRh/YXEZVM742PO4wpYl

Entry address:
0xB852

Entry point:
E8, 7B, 2B, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 77, 6F, 53, 57, A1, 08, BA, 37, 00, 85, C0, 75, 1D, E8, 76, 15, 00, 00, 6A, 1E, E8, CC, 15, 00, 00, 68, FF, 00, 00, 00, E8, 1E, 18, 00, 00, A1, 08, BA, 37, 00, 59, 59, 85, F6, 74, 04, 8B, CE, EB, 03, 33, C9, 41, 51, 6A, 00, 50, FF, 15, 78, 30, 37, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5B, 39, 05, 20, BD, 37, 00, 74, 0D, 56, E8, 62, 02, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 77, 1F, 00, 00, 89, 18, E8, 70, 1F, 00, 00, 89, 18, 8B...
 

Entropy:
7.6596

Code size:
72 KB (73,728 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to server-54-230-52-246.jfk6.r.cloudfront.net  (54.230.52.246:80)

TCP (HTTP):
Connects to server-54-192-55-178.jfk6.r.cloudfront.net  (54.192.55.178:80)

TCP (HTTP):
Connects to ec2-54-225-244-105.compute-1.amazonaws.com  (54.225.244.105:80)