universal-all-software-keygen-generator_8.exe

Somoto Ltd.

Somoto uses a monetization platform known as the 'Better Installer' to provide the ability of 3rd party developers to bundle various adware packages through an affiliate pay-per-install program. The application universal-all-software-keygen-generator_8.exe, “Powered by BetterInstaller” by Somoto has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the Somoto BetterInstaller installer. Includes the Somoto BetterInstaller, an adware installer that will bundle offers for additional third party applications, mostly adware toolbars, with legitimate softare and may be installed without adequate user consent.
Publisher:
Somoto Ltd.  (signed and verified)

Description:
Powered by BetterInstaller

Version:
2.0.0.0

MD5:
816e3f158b8a9e7cfce4069ba23c48a7

SHA-1:
584acc5e43ccfdfd6765f8446175093d4fed9760

SHA-256:
86d28c5eea6876ade65179f1f5878d1a4e455886462027392041912507df9341

Scanner detections:
22 / 68

Status:
Adware

Explanation:
Uses the Somoto 'BetterInstaller' to bundle additional (unwanted) software during install without adequate consent.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/26/2024 1:41:09 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Somoto
7.1.1

Avira AntiVirus
APPL/Somoto.aoh
7.11.135.228

avast!
Win32:PUP-gen [PUP]
2014.9-140312

AVG
AdInstaller.Somoto
2015.0.3538

Baidu Antivirus
HackTool.Win32.Downloader
4.0.3.14312

Clam AntiVirus
Adware.Somoto-1
0.98/18355

Comodo Security
Application.Win32.Somoto.A
17906

Dr.Web
Adware.Somoto.17
9.0.1.071

ESET NOD32
Win32/Somoto
8.9519

F-Prot
W32/SomotoBetterInstaller.A
v6.4.7.1.166

K7 AntiVirus
Unwanted-Program
13.176.11378

Kaspersky
not-a-virus:Downloader.NSIS.Agent
14.0.0.4184

Malwarebytes
PUP.Optional.Somoto.A
v2014.03.12.06

NANO AntiVirus
Trojan.Win32.Agent.cruvdt
0.28.0.58101

Panda Antivirus
PUP/MultiToolbar.A
14.03.12.06

Reason Heuristics
PUP.BetterInstaller.Somoto.j
14.8.7.17

Sophos
Somoto BetterInstaller
4.98

SUPERAntiSpyware
Adware.Somoto/Variant
10732

Trend Micro House Call
TROJ_SPNR.08BK13
7.2.71

Trend Micro
TROJ_SPNR.08BK13
10.465.12

Vba32 AntiVirus
Downloader.Agent
3.12.24.3

VIPRE Antivirus
BetterInstaller
27240

File size:
162.8 KB (166,656 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Somoto BetterInstaller

Common path:
C:\users\{user}\downloads\universal-all-software-keygen-generator_8.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/20/2011 9:00:00 AM

Valid to:
9/20/2014 8:59:59 AM

Subject:
CN=Somoto Ltd., O=Somoto Ltd., STREET=PO Box 58096, L=Tel Aviv, S=--, PostalCode=61580, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00841D099D16B738F34172FEEFE1D2574F

File PE Metadata
Compilation timestamp:
12/17/2010 6:14:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
3072:R22ihA0m3BJf0vZmSRm3kP+QJZtcYcCEVlvWOFpBgy3xd8kx6+U/r:yA0m3T0vISRtVJrnEVt7FpXYO6hr

Entry address:
0x39AC

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, 7C, 01, 00, 00, E8, 97, 46, 00, 00, 83, EC, 0C, 68, 01, 80, 00, 00, E8, 42, 43, 00, 00, 6A, 00, E8, AB, 46, 00, 00, 6A, 08, A3, 88, 4C, 42, 00, E8, B1, 28, 00, 00, 6A, 00, 68, 60, 01, 00, 00, A3, 38, 4D, 42, 00, 8D, 85, 90, FE, FF, FF, 50, 6A, 00, 68, A4, A2, 40, 00, E8, F0, 45, 00, 00, 83, EC, 0C, 68, A5, A2, 40, 00, 68, 68, 4D, 42, 00, E8, EF, 2A, 00, 00, 83, C4, 18, E8, FE, 42, 00, 00, 52, 52, 50, 68, 00, D0, 42, 00, E8, DA, 2A, 00, 00, 57, 6A, 00, E8, 39, 42, 00, 00, 83...
 
[+]

Entropy:
7.6000

Code size:
28.5 KB (29,184 bytes)

The file universal-all-software-keygen-generator_8.exe has been seen being distributed by the following 3 URLs.

http://adlock.in/.../Microsoft-Office-2013-Serial-Crack-Activator-Activation-key-Download-Free.exe