ultramon_2.6_crack_downloader.exe

FairyTale Installer

CandyMandy LLC

The application ultramon_2.6_crack_downloader.exe by CandyMandy has been detected as a potentially unwanted program by 24 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from d.failsmail.com.
Publisher:
FairyTale Inc  (signed by CandyMandy LLC)

Product:
FairyTale Installer

Version:
1, 0, 616, 1

MD5:
b819a68cadc25fd327b982ecff94c6ea

SHA-1:
4b0310ce8c2233171bc6a3a092bd9bac1b359be5

SHA-256:
464dabbc79ab973050ce742c18077481145825c186662e2bd384db232a5a4fcc

Scanner detections:
24 / 68

Status:
Potentially unwanted

Analysis date:
11/14/2024 9:33:04 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.586985 | 668 |
| Agnitum Outpost | PUA.Downloader | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Downloader | 2015.04.08 |
| Avira AntiVirus | APPL/Downloader.Gen8 | 3.6.1.96 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-150407 |
| AVG | Downloader | 2016.0.3146 |
| Bitdefender | Gen:Variant.Kazy.586985 | 1.0.20.485 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | Application.Win32.ExpressDown.ZMIL | 21681 |
| Dr.Web | Adware.Downware.11073, Adware.Downware.10690 | 9.0.1.097 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.586985 | 8.15.04.07.05 |
| ESET NOD32 | Win32/ExpressDownloader.J potentially unwanted application | 7.0.302.0 |
| F-Secure | Gen:Variant.Kazy.586985 | 11.2015-07-04_3 |
| G Data | Gen:Variant.Kazy.586985 | 15.4.25 |
| K7 AntiVirus | Unwanted-Program | 13.203.15739 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 15.0.0.543 |
| MicroWorld eScan | Gen:Variant.Graftor.183147 | 16.0.0.291 |
| NANO AntiVirus | Riskware.Win32.Downware.dpydrs | 0.30.24.1357 |
| Panda Antivirus | Trj/Genetic.gen | 15.04.07.06 |
| Reason Heuristics | PUP.Installer.CandyMandy | 15.4.11.23 |
| VIPRE Antivirus | Threat.4657539 | 39676 |
| Zillya! Antivirus | Downloader.Agent.Win32.242550 | 2.0.0.2129 |

File size:
3.4 MB (3,565,576 bytes)

Product version:
1.0.0.1

Copyright:
Copyright FairyTale Inc (C) 2014

Original file name:
FairyTale.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\downloads\ultramon_2.6_crack_downloader.exe

Digital Signature
Signed by:

Authority:
CandyMandy LLC

Valid from:
3/25/2015 4:18:45 AM

Valid to:
3/24/2016 4:18:45 AM

Subject:
CN=CandyMandy LLC, OU=CandyMandy LLC, O=CandyMandy LLC, S=London, C=UK

Issuer:
CN=CandyMandy LLC, C=UK, S=London, L=London, E=admin@candy.com, OU=CandyMandy LLC, O=CandyMandy LLC

Serial number:
100001

File PE Metadata
Compilation timestamp:
3/31/2015 6:19:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:u1jO0zYjcAf1qmS8tyLPeIo72pK8lCUVnDaa1r:n0zYAA9fttyg8wUVDaa1r

Entry address:
0x8BEA1

Entry point:
E8, 43, C6, 01, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 20, CF, 4E, 00, E8, F9, E3, 00, 00, E8, 48, B2, 00, 00, 0F, B7, F0, 6A, 02, E8, D6, C5, 01, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 98, 1A, 01, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
7.7849  (probably packed)

Code size:
794.5 KB (813,568 bytes)

The file ultramon_2.6_crack_downloader.exe has been seen being distributed by the following URL.
