tuto4pc.exe

Tuto4PC.com

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application tuto4pc.exe, “Tuto4PC Setup ” by Tuto4PC.com has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser. The file has been seen being downloaded from dlfr.tuto4pc.com.
Publisher:
Tuto4PC   (signed by Tuto4PC.com)

Product:
Tuto4PC

Description:
Tuto4PC Setup

MD5:
4a11ad1a366df1f3c062a95765c69157

SHA-1:
7bc318b2e214f10a7c016ac07f1b37174ebfc19f

SHA-256:
92b80fd9001c747bfe962221b198fef4ca125963d21ccae809ea4c12f6e37be4

Scanner detections:
19 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 4:26:45 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/PcTuto.A
7.11.84.204

avast!
Win32:Adware-ASG [PUP]
2014.9-131126

Bitdefender
Application.Generic.408133
1.0.20.1650

Boost by Reason
Optional.Tuto4PC.H
188838

Comodo Security
ApplicUnwnt
16432

Emsisoft Anti-Malware
Application.Generic.408133
8.13.11.26.06

ESET NOD32
Win32/Adware.EoRezo.AC (variant)
7.8450

Fortinet FortiGate
Riskware/EoRezo
11/26/2013

F-Secure
Application.Generic.408133
11.2013-26-11_3

G Data
Application.Generic.408133
13.11.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.3.0

Malwarebytes
Adware.Eorezo
v2013.11.26.06

Microsoft Security Essentials
1.163.1557.0

MicroWorld eScan
Application.Generic.408133
14.0.0.990

Panda Antivirus
Suspicious file
13.11.26.06

Reason Heuristics
PUP.Installer.Tuto4PC.H
14.8.8.3

SUPERAntiSpyware
Adware.Eorezo
10887

Trend Micro House Call
TROJ_GEN.F47V0613
7.2.330

VIPRE Antivirus
Trojan.Win32.Generic
18718

File size:
2.1 MB (2,233,760 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\tuto4pc.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
10/27/2011 8:26:43 AM

Valid to:
10/27/2013 8:26:43 AM

Subject:
CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-de-france, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217A044D9875AB5200314888C39C5486EF

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:Y9DtOrn3tjrgX6mS+gGrdhyXPU1yb9xNp1Ucpxg55:SDtOxgXJSzyEPU1yzNU

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9949

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file tuto4pc.exe has been seen being distributed by the following URL.

Remove tuto4pc.exe - Powered by Reason Core Security