tvapp__8821_i1356999346_il152.exe

The application tvapp__8821_i1356999346_il152.exe has been detected as a potentially unwanted program by 10 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from www.your-tsunami-file.net.
Version: 1.1.5.89
MD5: bf6fa2dc3efabd859f304e796a7f7e05
SHA-1: 6e0688ddf8c51434d7a7c906d2af397995436f9c
SHA-256: 9976e7240c53c077e460ff447380f9be44cc9eb63c8b573e3dcdc8e061695010
Scanner detections: 10 / 68
Status: Potentially unwanted
Analysis date: 11/27/2024 4:46:06 AM UTC

Scan engine         Detection                         Engine version
Agnitum Outpost     PUA.Amonetize                     7.1.1
AVG                 Downloader.Generic14              2015.0.3298
Baidu Antivirus     Adware.Win32.Amonetize            4.0.3.14116
ESET NOD32          Win32/Amonetize.BS (variant)      8.10512
F-Prot              W32/A-2cc77b1b                    v6.4.7.1.166
Malwarebytes        PUP.Optional.Amonetize            v2014.11.06.12
McAfee              PUP-FQT                           5600.6954
NANO AntiVirus      Riskware.Win32.Downware.dgawrg    0.28.2.62440
Panda Antivirus     Trj/Genetic.gen                   14.11.06.12
Reason Heuristics   Threat.Win.Reputation.IMP         14.11.6.12

File size: 396 KB (405,504 bytes)
Product version: 1.1.5.89
Original file name: setup.exe
File type: Executable application (Win32 EXE)
Language: English (United States)
Common path: C:\users\{user}\downloads\tvapp__8821_i1356999346_il152.exe

File PE Metadata
Compilation timestamp: 9/25/2014 3:11:46 PM
OS version: 5.1
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 10.0
CTPH (ssdeep): 6144:I7DOnRNXq77GRBmyDQdg8qG1CU8+++DGm4ItZ08odMFovxuEUWMxNzKUW:fNXiaBrDK5qG1S++M7m8odMuUxNz7W
Entry address: 0x16CE0

Entry point:
E8, 7B, 84, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 3D, 44, 9F, 3C, 00, 00, 75, 18, E8, 94, 7D, 00, 00, 6A, 1E, E8, DE, 7B, 00, 00, 68, FF, 00, 00, 00, E8, C3, F4, FF, FF, 59, 59, 8B, 45, 08, 85, C0, 75, 01, 40, 50, 6A, 00, FF, 35, 44, 9F, 3C, 00, FF, 15, 58, 11, 3C, 00, 5D, C3, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 44, 9F, 3C, 00, 00, 75, 18, E8, 4A, 7D, 00, 00, 6A, 1E, E8, 94, 7B, 00, 00, 68, FF, 00, 00, 00, E8, 79, F4, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3...
 

Entropy: 7.2617
Code size: 190 KB (194,560 bytes)

The file tvapp__8821_i1356999346_il152.exe has been seen being distributed by the following URL.
