windows 8 n 8.1 activator.exe

The application windows 8 n 8.1 activator.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. This is a setup program which is used to install the application. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse) which bundles additional software offers inclduing toolbars, extensions, PC utilities as well as other PUPs. The file has been seen being downloaded from download896.mediafire.com.
MD5:
54c3deaac7d99e6b062c2d12c4e9ce41

SHA-1:
65642b645a8b8d0938e37a4fdccdd1d9ac2dfa2f

SHA-256:
44677c0834d7fb95b15df1224e8c90d0d87a372a006f5ab729f8fde218d292be

Scanner detections:
8 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
12/26/2024 4:57:34 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Dropper.Agent
2016.0.3041

Baidu Antivirus
Adware.MSIL.OutBrowse
4.0.3.15626

Bkav FE
HW32.Packed
1.3.0.6979

Kaspersky
not-a-virus:AdWare.MSIL.OutBrowse
14.0.0.1828

McAfee
Artemis!54C3DEAAC7D9
5600.6697

Panda Antivirus
Generic Suspicious
15.06.26.08

Vba32 AntiVirus
AdWare.MSIL.OutBrowse
3.12.26.4

VIPRE Antivirus
OutBrowse
41792

File size:
1.1 MB (1,188,448 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\windows 8 n 8.1 activator.exe

File PE Metadata
Compilation timestamp:
1/31/2011 7:44:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:IQ9oF1aV0oWCh7jBdh3vH9REDphFbLwg23efMTi:IQyM+ohrhfHnEDBLN2uUm

Entry address:
0x1D20

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 21, 40, 00, 68, A0, 1E, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 88, 20, 40, 00, 59, 83, 0D, 54, 35, 40, 00, FF, 83, 0D, 58, 35, 40, 00, FF, FF, 15, 84, 20, 40, 00, 8B, 0D, CC, 32, 40, 00, 89, 08, FF, 15, 80, 20, 40, 00, 8B, 0D, C8, 32, 40, 00, 89, 08, A1, 7C, 20, 40, 00, 8B, 00, A3, 5C, 35, 40, 00, E8, 10, 01, 00, 00, 39, 1D, BC, 32, 40, 00, 75, 0C, 68, 9C, 1E, 40, 00, FF, 15, 78, 20...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
4 KB (4,096 bytes)

The file windows 8 n 8.1 activator.exe has been seen being distributed by the following URL.

Remove windows 8 n 8.1 activator.exe - Powered by Reason Core Security