home

vrdystacbu.exe

You

If

The application vrdystacbu.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
If

Product:
You

Description:
kiss

Version:
0.0.6.0

MD5:
da720adbc436121ad82a1532fcc3a872

SHA-1:
22b13d6f3a4f5d0ab4c48f4fc28589834d9d2dfa

SHA-256:
a8f1b0d3caa6702f75026e7c8c9c50ad287fc3c2a6e1994e8e45dfc4bffd120c

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
4/1/2025 8:30:45 PM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Win32.Trojan.WisdomEyes.16070401.9500
4.0.3.17316

ESET NOD32
MSIL/Adware.CsdiMonetize (variant)
11.15079

Malwarebytes
Adware.Amonetize
v2017.03.16.01

Qihoo 360 Security
HEUR/QVM03.0.0000.Malware.Gen
1.0.0.1120

Reason Heuristics
Adware.Monetize.ET (M)
17.3.16.1

File size:
346.5 KB (354,816 bytes)

Product version:
0.0.6.0

Copyright:
H

Trademarks:
te

Original file name:
kenpachi.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\vrdystacbu.exe

File PE Metadata
Compilation timestamp:
3/13/2017 11:38:24 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x2DD8E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 78, A4, 6A, D7, 56, B7, C7, E8, DB, 70, 20, 24, EE, CE...
 
[+]

Entropy:
6.0540

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
175.5 KB (179,712 bytes)

Remove vrdystacbu.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.