home

usb vid 138a_10924_i71470852_il345.exe

Sony PC Companion

LLC BUDІMEKS

The application usb vid 138a_10924_i71470852_il345.exe by LLC BUDІMEKS has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
Sony Mobile Communications   (signed by LLC BUDІMEKS)

Product:
Sony PC Companion

Version:
2.10.275

MD5:
3e0c747d5867a22191e9402f4bc6002e

SHA-1:
e65a73349427667c3678f47cbdd2f18fe680fa7b

SHA-256:
4cf6ffef90e0cdf9fc10934774f7f726c205b82b3614e41dd0533d701c5db9e2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/6/2024 7:58:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonetize.Bundler (M)
17.2.18.7

File size:
1.8 MB (1,912,848 bytes)

Product version:
2.10.275

Copyright:
Sony

Original file name:
stub32i.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\usb+vid+138a \usb vid 138a_10924_i71470852_il345.exe

Digital Signature
Signed by:
LLC BUDІMEKS

Authority:
COMODO CA Limited

Valid from:
8/26/2015 7:00:00 PM

Valid to:
8/26/2016 6:59:59 PM

Subject:
CN=LLC BUDІMEKS, O=LLC BUDІMEKS, STREET=Cvitna 34, L=Gorodockey area Galichani vilage, S=Lvovskaja, PostalCode=81523, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E9F1B23ADDECC133378F48EBB20F9E3D

File PE Metadata
Compilation timestamp:
10/16/2015 10:02:49 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x2A4DCF

Entry point:
68, 7F, D7, D6, 00, E8, FC, 06, FF, FF, 49, A5, 95, 7F, E6, 69, 21, 6A, 00, E4, 6E, A8, 6A, 80, F4, 07, C3, 95, 7F, 31, 5B, 1B, 95, 7F, D9, 39, FA, 6A, 00, 15, 7E, D2, 6A, 80, CB, 85, BD, 95, 7F, 6C, 3A, 6A, 95, FF, 37, C2, B3, 6A, 00, FD, 30, 7C, 95, FF, 7F, BD, 54, 95, FF, 27, 9E, 5A, 96, A0, 2E, FE, 7F, 83, F9, E7, 01, 00, 7B, 9A, 2A, FE, 7F, 9E, 23, 4F, FE, FF, A3, 28, 74, FE, FF, 45, 8F, 01, 03, 1B, 8C, 01, 80, D5, 43, A8, 01, 80, 20, 77, FE, FF, 7B, F9, FE, FE, 7F, 67, CC, FC, 01, 00, 27, 9B, 01, 80...
 
[+]

Entropy:
7.9111  (probably packed)

Code size:
1.7 MB (1,819,136 bytes)

Remove usb vid 138a_10924_i71470852_il345.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.