van wilder freshman year.2009.dvdrip.ur.xvid 1337x noir.avi.mp4__3039_i178044569_il7547462.exe

Installer

Shetef Solutions & Consulting (1998) Ltd.

This is the Amonetize download manager, which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application van wilder freshman year.2009.dvdrip.ur.xvid 1337x noir.avi.mp4__3039_i178044569_il7547462.exe by Shetef Solutions & Consulting (1998) has been detected as adware by 8 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The installer uses the InstallMonetizer platform, which will download and install adware toolbars and other potentially unwanted software offers during setup.
Publisher:
Amônétízé Ltd  (signed by Shetef Solutions & Consulting (1998) Ltd.)

Product:
Installer

Version:
1.1.5.98

MD5:
65aa2de2f99287b3bc37a0a6e62eff8d

SHA-1:
de97672bd781b699e5d581d9f27771bb7f291736

SHA-256:
4d494738a00762549a7d953be103ec85e144408f5f1801ef8ee7bc662b71f4f5

Scanner detections:
8 / 68

Status:
Adware

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Description:
This is also known as bundleware, or downloadware, which is a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/23/2024 3:57:05 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | ADWARE/Adware.Gen2 | 7.11.119.158
Dr.Web | Adware.Downware.1575 | 9.0.1.0352
ESET NOD32 | Win32/Amonetize (variant) | 7.9171
Fortinet FortiGate | Riskware/Amonetize | 12/18/2013
IKARUS anti.virus | not-a-virus:Downloader.Win32.Agent | t3scan.2.2.29
Malwarebytes | PUP.Optional.InstallMonetizer | v2013.12.18.06
Reason Heuristics | PUP.Installer.ShetefSolutionsConsulting1998.? | 14.8.8.3
Trend Micro House Call | TROJ_GEN.F47V1205 | 7.2.352

File size:
149.1 KB (152,704 bytes)

Product version:
2.1.12

Copyright:
(c) Amônétízé Ltd, 2012,2013. All rights reserved.

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Amonetize Downloader

Language:
English (United States)

Common path:
C:\users\{user}\downloads\van wilder freshman year.2009.dvdrip.ur.xvid 1337x noir.avi.mp4__3039_i178044569_il7547462.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
7/23/2013 8:00:00 AM

Valid to:
7/24/2014 7:59:59 AM

Subject:
CN=Shetef Solutions & Consulting (1998) Ltd., O=Shetef Solutions & Consulting (1998) Ltd., L=Rannana, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7C23DBB97FAFBB9D28D413F836202024

File PE Metadata
Compilation timestamp:
12/5/2013 11:26:01 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:m2D5Ylx2B9/ghGBvtW36/Sf+1LCfmaHa11VZnm83nkHP9BwvO:m2t8lGh836/Sf+1LymaHW1fm2kvzGO

Entry address:
0x59940

Entry point:
60, BE, 00, A0, 43, 00, 8D, BE, 00, 70, FC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...

Entropy:
7.7868

Packer / compiler:
UPX 2.90 [LZMA]

Code size:
128 KB (131,072 bytes)

The file van wilder freshman year.2009.dvdrip.ur.xvid 1337x noir.avi.mp4__3039_i178044569_il7547462.exe has been seen being distributed by the following 50 URLs.

http://download.aminst.net/.../get.php?q=netcad 5.2 indir windows 7 32 bit crack&ti1=700000&ti2=0&ti3=2013-12-06T20:14:06.521820 00:00

Latest 30 of 76 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to www.softologic.com  (174.37.181.31:80)

TCP (HTTP SSL):
Connects to www.ibbalance.com  (173.192.190.227:443)

TCP (HTTP):