tuto4pc.exe

Tuto4PC.com

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application tuto4pc.exe, “Tuto4pc Setup ” by Tuto4PC.com has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser. The file has been seen being downloaded from dlbr.tuto4pc.com.
Publisher:
Tuto4pc   (signed by Tuto4PC.com)

Product:
Tuto4pc

Description:
Tuto4pc Setup

MD5:
2bbb9559c5c422356578391693fe85e4

SHA-1:
bd09bac86df12fb1ad0e73cbce5bec8fa10a2343

SHA-256:
ffc4bb7e2d7ccccb815d9843db93a0d48c50271b9bd7697ae92d5bba0de59360

Scanner detections:
19 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/23/2024 12:56:13 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/PcTuto.A
7.11.84.204

avast!
Win32:Adware-ASG [PUP]
2014.9-130829

Bitdefender
Application.Generic.408133
1.0.20.1605

Boost by Reason
Optional.Tuto4PC.H
188838

Comodo Security
ApplicUnwnt
16432

Emsisoft Anti-Malware
Application.Generic.408133
8.13.11.17.12

ESET NOD32
Win32/Adware.EoRezo.AC (variant)
7.8450

Fortinet FortiGate
Riskware/EoRezo
8/29/2013

F-Secure
Application.Generic.408133
11.2013-17-11_1

G Data
Application.Generic.408133
13.11.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.0.3.0

Malwarebytes
Adware.Eorezo
v2013.08.29.01

Microsoft Security Essentials
1.163.1557.0

MicroWorld eScan
Application.Generic.408133
14.0.0.963

Panda Antivirus
Suspicious file
13.08.29.01

Reason Heuristics
PUP.Installer.Tuto4PC.H
14.8.8.3

SUPERAntiSpyware
Adware.Eorezo
10707

Trend Micro House Call
TROJ_GEN.F47V0613
7.2.241

VIPRE Antivirus
Trojan.Win32.Generic
18718

File size:
2.4 MB (2,522,592 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\tuto4pc.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
10/27/2011 8:26:43 AM

Valid to:
10/27/2013 8:26:43 AM

Subject:
CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-de-france, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11217A044D9875AB5200314888C39C5486EF

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:naW/gKUEIZUi4Jz3fOiwF/6769S7zqXeA7EUn3XGA37zs:aOp3IZUi4RCDn793Xu

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9960

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file tuto4pc.exe has been seen being distributed by the following URL.

Remove tuto4pc.exe - Powered by Reason Core Security