wondersharecrack__7934_il2672849.exe

The application wondersharecrack__7934_il2672849.exe has been detected as a potentially unwanted program by 6 anti-malware scanners. This is a setup program which is used to install the application. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from v4download.com.
Version:
1.1.5.90

MD5:
1b9008d9940d13080ee6a3b19aeb4553

SHA-1:
fd05c41a9f6f8b23588bb201b1d94708a60f7bb2

SHA-256:
d12a11b9f091fba4d91d431606b4626a79145e915781d1409701217d6053ff40

Scanner detections:
6 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:16:55 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.Amonetiz
2014.11.04

Avira AntiVirus
Adware/Amonetize.505936
7.11.182.228

Bkav FE
W32.HfsAutoA
1.3.0.6185

Kaspersky
not-a-virus:AdWare.Win32.Amonetize
14.0.0.2985

Malwarebytes
PUP.Optional.Amonetize
v2014.11.06.09

Quick Heal
(Suspicious) - DNAScan
11.14.14.00

File size:
494.1 KB (505,936 bytes)

Product version:
1.1.5.90

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\wondersharecrack__7934_il2672849.exe

File PE Metadata
Compilation timestamp:
10/30/2014 5:41:41 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:vTs0WPMEV2R4u+1bv2OlCfmNh21X3UHbGcO4mIejXc1:vo7uov2BH3U7GcOdRY1

Entry address:
0x141AA4

Entry point:
E9, FE, 2E, FC, FF, C7, 04, 24, 44, 4A, F4, 8B, E9, F7, B8, FA, FF, 51, 9C, FF, 74, 24, 04, E9, 09, FE, FF, FF, 58, 98, 8D, 05, 38, B0, 4D, 00, 52, 9C, C7, 44, 24, 04, FA, 67, 48, 00, 9C, 60, FF, 30, 8F, 44, 24, 24, 60, 9C, FF, 34, 24, FF, 74, 24, 4C, C2, 50, 00, D2, F0, C0, D8, 07, F6, D0, 8A, 07, F8, F8, F8, 3C, 41, 60, 9C, 9C, 8D, 64, 24, 28, 0F, 82, 2C, A1, FF, FF, 66, F7, C5, 79, DD, E9, 12, DC, FF, FF, 55, E8, E0, E8, FF, FF, 8D, 64, 24, 2C, 0F, 86, B7, 56, FC, FF, C1, EB, 02, 0F, 9C, C5, 0F, BE, D9...
 
[+]

Entropy:
7.8906

Packer / compiler:
Xtreme-Protector v1.05

Code size:
191 KB (195,584 bytes)

The file wondersharecrack__7934_il2672849.exe has been seen being distributed by the following URL.

Remove wondersharecrack__7934_il2672849.exe - Powered by Reason Core Security