wondersharephotorecoveryv3.1.0.6full.exe

Setup

Dey yazilim ve internet hizmetleri san. tic. ltd. sti.

The application wondersharephotorecoveryv3.1.0.6full.exe by Dey yazilim ve internet hizmetleri san. tic. ltd. sti. has been detected as adware by 19 anti-malware scanners. It is a self-extracting archive and installer that has been known to bundle potentially unwanted software. The file has been observed being downloaded from hipershare.com.

Publisher:
Microsoft  (signed by Dey yazilim ve internet hizmetleri san. tic. ltd. sti.)

Product:
Setup

Version:
1.0.0.0

MD5:
34de4f606467c90eda1c0959a4a3dd20

SHA-1:
8c8f6e053cffd0801825d947340de89684bc1315

SHA-256:
0f2cd6716ab6a22e1bb018953b2d04f9b7bcedee6a056fd007039270dc68ea05

Scanner detections:
19 / 68

Status:
Adware

Analysis date:
12/23/2024 9:56:27 PM UTC

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/Joedown.569560
7.11.206.130

AVG
Generic
2016.0.3196

Comodo Security
ApplicUnwnt
20932

Dr.Web
Trojan.KillFiles.18730
9.0.1.047

ESET NOD32
MSIL/Adware.Joedown (variant)
9.11109

Fortinet FortiGate
Adware/Agent
2/16/2015

G Data
Win32.Application.Agent.A3LZ9Z
15.2.25

IKARUS anti.virus
not-a-virus:AdWare.MSIL.Agent
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.193.14832

Kaspersky
not-a-virus:AdWare.MSIL.Agent
14.0.0.2477

McAfee
Artemis!34DE4F606467
5600.6852

Panda Antivirus
Generic Suspicious
15.02.16.01

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.Installer.Amonitize
15.2.16.13

Sophos
Generic PUA IM
4.98

Trend Micro House Call
TROJ_GEN.F0C2C00AN15
7.2.47

Trend Micro
TROJ_GEN.F0C2C00AN15
10.465.16

VIPRE Antivirus
Trojan.Win32.Generic
37186

Zillya! Antivirus
Adware.Agent.Win32.38196
2.0.0.2051

File size:
556.2 KB (569,560 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Microsoft 2014

Trademarks:
Microsoft

Original file name:
SetupFullCube.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\users\{user}\downloads\wondersharephotorecoveryv3.1.0.6full.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/12/2014 2:00:00 AM

Valid to:
3/13/2015 1:59:59 AM

Subject:
CN=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., O=Dey yazilim ve internet hizmetleri san. tic. ltd. sti., STREET=kuloglu mah alyon gecidi sok, STREET=beyoglu, L=istanbul, S=istanbul, PostalCode=34433, C=TR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FD3AA42CD883A6D47CC56CDA9837EB85

File PE Metadata
Compilation timestamp:
1/16/2015 3:02:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:z/MGsgL7GZOsLa30hTbeS/J1s0ldUmx/bLbYnwch3SdX1MGsgL7G/:7/nGZY09KS/J1sGdUmx/bwnwccj/nG/

Entry address:
0x6307E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
388.5 KB (397,824 bytes)

The file wondersharephotorecoveryv3.1.0.6full.exe has been seen being distributed by the following URL.
