unconfirmed 737231.torchdownload

PC Driver Kit

Installer Setup

This is part of the Air Installer, a download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file unconfirmed 737231.torchdownload by Installer Setup has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the AirInstaller Download Manager installer.
Publisher:
Installer Setup  (signed and verified)

Product:
PC Driver Kit

Version:
3.0.0.86

MD5:
112db2a6ce5b8cd22f5b35fb66eba833

SHA-1:
cf559763f24cca72916a8993482fe3f86e1e5ed4

SHA-256:
e60c434682cd0d4aa5ac2a0a20dee345167c39af7cf7dbe0c4910a8532526234

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/5/2024 7:23:50 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.Air Software (M)

Engine version:
17.3.14.23

File size:
961.7 KB (984,808 bytes)

Product version:
3.0.0.86

Copyright:
(c) Installer Setup

Bundler/Installer:
AirInstaller Download Manager

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\unconfirmed 737231.torchdownload

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
2/9/2015 10:00:00 PM

Valid to:
2/10/2016 9:59:59 PM

Subject:
CN=Installer Setup, O=Installer Setup, L=Vancouver, S=British Columbia, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
07A1307B10CFA227F3AF56F353208204

File PE Metadata
Compilation timestamp:
1/30/2013 12:21:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...

Developed / compiled with:
Microsoft Visual C++

Code size:
65.5 KB (67,038 bytes)
