tvapp__8821_i885324645_il5.exe

The application tvapp__8821_i885324645_il5.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from www.more-files.com.
MD5:
86ee1aa0033cd29d0a5bdfddeac27da3

SHA-1:
33baa2bd1ab3d3221b8892955b55df803cc910c7

SHA-256:
1877c9d61a77a21bcf434c7591ef68ba5646e5d0ddad7943fde19ba038bea4b5

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 4:34:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Amonetize (M)
16.8.28.17

File size:
295.9 KB (303,021 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\tvapp__8821_i885324645_il5.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:tMh5al4Wn1C9mX33BcPBifmSeZpTR31T4aFbIuX78KiqCpHXh:yh5alX+mX3xcPBaK1UaFDhU3h

Entry point:
57, 8B, 46, 04, 6A, FC, 50, FF, 15, B4, D2, 43, 00, 8B, 56, 04, 53, 57, 68, 82, 00, 00, 00, 89, 45, 0C, 8B, 46, 20, 52, 50, FF, 15, 18, D3, 43, 00, 8B, 4E, 20, 89, 45, 08, 3B, 0D, 94, D2, 43, 00, 74, 21, 8B, 46, 04, 6A, FC, 50, FF, 15, B4, D2, 43, 00, 3B, 45, 0C, 75, 10, 8B, 56, 20, 8B, 46, 04, 52, 6A, FC, 50, FF, 15, B8, D2, 43, 00, 83, 4E, 1C, 01, 8B, 46, 1C, A8, 01, 74, 2C, 33, D2, 39, 55, 10, 75, 25, 8B, 4E, 04, 83, E0, FE, 89, 56, 04, 89, 56, 18, 8B, 16, 89, 46, 1C, 8B, 42, 0C, 51, 8B, CE, FF, D0, 8B...
 
[+]

The file tvapp__8821_i885324645_il5.exe has been seen being distributed by the following URL.

Remove tvapp__8821_i885324645_il5.exe - Powered by Reason Core Security