wintoflash.zip
The file wintoflash.zip has been detected as a potentially unwanted program by 19 anti-malware scanners. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars. The file has been seen being downloaded from get.yawncard.com.
MD5:
c17ac41c899fedd80e07e219e9fff5d2
SHA-1:
ec0c7cbf0c6e1f5970633d26795b630d98f371d2
SHA-256:
5dd5922368b337346111cee34ca3c7c3c235fc96eb0e3993fbd4a1e9950e0e5b
Scanner detections:
19 / 68
Status:
Potentially unwanted
Explanation:
Uses the Solimba installer to bundle adware offers.
Analysis date:
11/28/2024 5:41:24 AM UTC (today)
Scan engine
Detection
Engine version
Lavasoft Ad-Aware
Gen:Variant.Application.Kazy.525798
554
Avira AntiVirus
TR/PWS.Sinowal.Gen
8.3.1.6
Arcabit
Trojan.Application.Kazy.D805E6
1.0.0.425
avast!
Win32:PUP-gen [PUP]
2014.9-150730
Bitdefender
Gen:Variant.Application.Kazy.525798
1.0.20.1055
Emsisoft Anti-Malware
Gen:Variant.Application.Kazy.525798
10.0.0.5366
ESET NOD32
Win32/TrojanDropper.Addrop.J trojan
7.0.302.0
Fortinet FortiGate
W32/Generic.AC.551205
7/30/2015
F-Secure
Gen:Variant.Application.Kazy
11.2015-30-07_5
G Data
Gen:Variant.Application.Kazy.525798
15.7.25
IKARUS anti.virus
Trojan-Dropper.Win32.Addrop
t3scan.1.9.5.0
Kaspersky
not-a-virus:HEUR:Downloader.Win32.Morstar
15.0.0.543
MicroWorld eScan
Gen:Variant.Application.Kazy.525798
16.0.0.633
NANO AntiVirus
Riskware.Win32.Downware.dtexjt
0.30.24.2668
Norman
Gen:Variant.Application.Kazy.525798
07.07.2015 03:10:29
Rising Antivirus
PE:Dropper.Win32.Addrop.a!1075358254
23.00.65.15728
Sophos
PUA 'Solimba Installer'
5.15
VIPRE Antivirus
Trojan.Win32.Generic
42466
File size:
521.7 KB (534,231 bytes)
Common path:
C:\users\{user}\downloads\wintoflash.zip
The file wintoflash.zip has been seen being distributed by the following URL.