understanding management 8th edition_10924_i42804957_il345.exe

Runner Utility

BERSHNET LLC

The application understanding management 8th edition_10924_i42804957_il345.exe by BERSHNET has been detected as adware by 17 anti-malware scanners. This is a setup program used to install the application. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from files.red-1-small-button.com.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
91854c91e61e218e7f12ac50bdddbd1d

SHA-1:
8ddc25e295dab31a94c29f6e75e2b18fd33a6080

SHA-256:
902e33daf50f98b5d8e8c5edafb10cbfbe25e864716106790c67ce345c5744bb

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
11/28/2024 2:33:24 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Adware.Mikey.8247 | 6653607 |
| Avira AntiVirus | ADWARE/Adware.Gen7 | 7.11.216.52 |
| AVG | Generic | 2016.0.3173 |
| Bitdefender | Gen:Variant.Adware.Mikey.8247 | 1.0.20.350 |
| Comodo Security | Application.Win32.LoadMoney.IARS | 21374 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Mikey.8247 | 9.0.0.4799 |
| ESET NOD32 | Win32/Amonetize.DW potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/S-40484255 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.Mikey | 5.13.68 |
| G Data | Gen:Variant.Adware.Mikey.8247 | 15.3.25 |
| K7 AntiVirus | Unwanted-Program | 13.200.15232 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 15.0.0.543 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.03.11.02 |
| MicroWorld eScan | Gen:Variant.Adware.Mikey.8247 | 16.0.0.210 |
| Panda Antivirus | Trj/Genetic.gen | 15.03.11.02 |
| Reason Heuristics | PUP.BERSHNET | 15.3.11.13 |
| VIPRE Antivirus | Threat.4785227 | 38050 |

File size:
1.5 MB (1,532,432 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/5/2015 6:00:00 PM

Valid to:
2/6/2016 5:59:59 PM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
3/10/2015 9:03:08 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:fdS63sUfwnEJxcbx3+WTCGTt0p+s7P+CYTreAOac6meSRVz:fAFAxQh/+GGwO+CYPeAC6Zcd

Entry address:
0x27A09E

Entry point:
0F, 88, 48, E9, 15, 00, 9C, 9C, 66, C7, 44, 24, 04, C6, DC, C7, 44, 24, 04, 3F, 2E, FE, 37, 60, 9C, C7, 44, 24, 24, 65, 21, 2D, 7E, 68, F6, F6, 94, 46, 9C, 8D, 64, 24, 2C, E9, 3E, A6, 16, 00, 24, B4, 20, 69, 7A, FA, 6C, 6E, EB, B8, C6, C7, 40, B2, 44, 88, 5D, 46, 53, 85, 11, 5D, 0B, B2, 61, BC, 6A, 41, 14, 9E, 0B, BA, AC, 3E, EA, 93, C0, DB, 4F, 4D, 59, 5B, 4C, 18, 1A, 40, 8A, AD, E9, DE, 8F, 5B, C2, 54, 10, 88, A4, 25, 9F, 57, CC, 5A, 58, D1, 05, E3, 37, 92, E0, 90, 06, 68, 3C, F2, 26, 8E, 18, 05, 02, 16...
 

Entropy:
7.9941  (probably packed)

Code size:
187.5 KB (192,000 bytes)

The file understanding management 8th edition_10924_i42804957_il345.exe has been seen being distributed by the following URL.