xbox 360 firmware upgrade xtreme 5....icon=2.exe

Apps market ABC

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application xbox 360 firmware upgrade xtreme 5....icon=2.exe by Apps market ABC has been detected as adware by 25 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. According to AVG, this software downloads additional adware offers during setup. The file has been observed being downloaded from get.file23desktop.com.
Publisher:
Apps market ABC  (signed and verified)

MD5:
c7430d2c0874cd7bc43e6478f2e7c991

SHA-1:
8b49ea75ac7ed9142d771f23f5e89d173c2f0a6c

SHA-256:
9b991ad03b83c6f0c9f2367dc03571cba138b41398465e78002b8cd38da54468

Scanner detections:
25 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/25/2024 6:26:24 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.Outbrowse.1 | 5858376 |
| Agnitum Outpost | PUA.OutBrowse | 7.1.1 |
| Avira AntiVirus | APPL/Downloader.Gen | 7.11.207.252 |
| avast! | OutBrowse-IR [PUP] | 150423-1 |
| AVG | Potentially harmful program Downloader.DIT | 2014.0.4311 |
| Bitdefender | Application.Bundler.Outbrowse.BA | 1.0.20.655 |
| Comodo Security | UnclassifiedMalware | 22082 |
| Dr.Web | infected with Trojan.OutBrowse.89 | 9.0.1.0131 |
| Emsisoft Anti-Malware | Application.Bundler.Outbrowse.BA | 10.0.0.5366 |
| ESET NOD32 | Win32/OutBrowse.BU potentially unwanted application | 9.7.0.302.0 |
| Fortinet FortiGate | Riskware/OutBrowse | 5/11/2015 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2015-11-05_2 |
| G Data | Application.Bundler.Outbrowse.BA | 15.5.25 |
| K7 AntiVirus | DoS-Trojan | 13.193.14888 |
| Malwarebytes | PUP.Optional.OutBrowse.gen | v2015.05.11.09 |
| McAfee | Program.Adware-OutBrowse.e | 17.6.569.0 |
| MicroWorld eScan | Application.Bundler.Outbrowse.BA | 16.0.0.393 |
| NANO AntiVirus | Trojan.Win32.OutBrowse.dmikim | 0.30.0.65070 |
| Quick Heal | Adware.NSIS.OutBrowse.A | 5.15.14.00 |
| Reason Heuristics | Threat.Outbrowse.Bundler | 15.5.11.16 |
| Sophos | OutBrowse Revenyou | 4.98 |
| Total Defense | Win32/Tnega.OAfZIdC | 37.1.62.1 |
| Trend Micro House Call | Suspici.2AB55E13 | 7.2.131 |
| VIPRE Antivirus | Threat.4150696 | 37240 |

File size:
610.9 KB (625,560 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Common path:
C:\users\{user}\downloads\xbox 360 firmware upgrade xtreme 5....icon=2.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
2/1/2015 1:00:00 AM

Valid to:
1/28/2016 12:59:59 AM

Subject:
CN=Apps market ABC, O=Apps market ABC, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6BE197B02D2951B23855B9517380D4E8

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:ZHs3aGSE++yo/REQZAcZq4129Ak5Koe6bDaW2kiZtEf9sSKMX5OLe5Ec:ZHmanu/+QZAcoJR5UfH2qMX5L5F

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file xbox 360 firmware upgrade xtreme 5....icon=2.exe has been seen being distributed by the following URL.