xender for pc windows.exe

CONDESTIL DEVELOPMENTS S.L.

This file belongs to a Solimba product that may be bundled with additional PUPs or may be part of an ad-supported software program. The application xender for pc windows.exe by CONDESTIL DEVELOPMENTS S.L. has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Solimba DownloadMR installer. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
CONDESTIL DEVELOPMENTS S.L.  (signed and verified)

MD5:
c60f2a581038c8a2d78a72c639da976f

SHA-1:
cdc06cbb49ad3b70d8f6111a0b54bf5b8e89007b

SHA-256:
87c72fa97a884af1a9e9c1ff5704c7479573bea03ec48055aa90d61cbd3348eb

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/25/2024 5:16:53 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Solimba (M)

Engine version:
16.8.11.2

File size:
530.6 KB (543,344 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\xender for pc windows.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
3/9/2015 10:20:45 PM

Valid to:
3/8/2017 10:20:45 PM

Subject:
E=support@condestil.com, CN=CONDESTIL DEVELOPMENTS S.L., O=CONDESTIL DEVELOPMENTS S.L., C=ES

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
5BCC510B694F044236905FE5E5A73FD4

File PE Metadata
Compilation timestamp:
3/26/2015 3:45:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:xKJV2t33naGCognZH5trCPREBtMwfpPfm5Q8w4a:xKJV2EEgnHhQEBtM8Jm5Q8wZ

Entry address:
0xE27C

Entry point:
E8, 01, 54, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, 3C, 42, 00, E8, 1E, 2C, 00, 00, E8, D2, 55, 00, 00, 0F, B7, F0, 6A, 02, E8, 94, 53, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 2F, 49, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
7.7033  (probably packed)

Code size:
106 KB (108,544 bytes)

The file xender for pc windows.exe has been seen being distributed by the following URL.
