» yappyzuninstall.exe
Overview
Analysis
File Details
Downloads (1)

yappyzuninstall.exe

Yappyz

SIEN S.A.

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application yappyzuninstall.exe by SIEN S.A has been detected as a potentially unwanted program by 31 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer. The file has been seen being downloaded from stapi.yappyz.com.

File name:

yappyzuninstall.exe

Publisher:

SIEN (signed by SIEN S.A.)

Product:

Yappyz

Version:

6.39.1.0

MD5:

bad33b562843fe847fee20c9d596c2eb

SHA-1:

dc60297d567fa9a02d7558cba943493b4b146355

SHA-256:

fdbc491748f9a27362e287a3c17cea67dcba1ebd54b29a75d15072eaed506f72

Scanner detections:

31 / 68

Status:

Potentially unwanted

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

11/28/2024 2:49:49 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Yappyz.A

385

Agnitum Outpost

PUA.ToolBar

7.1.1

AhnLab V3 Security

PUP/Win32.Toolbar

2015.09.25

Baidu Antivirus

PUA.Win32.Iminent

4.0.3.16116

Bitdefender

Adware.Yappyz.A

1.0.20.80

Bkav FE

W32.HfsAdware

1.3.0.7237

Clam AntiVirus

Win.Adware.Agent-43696

0.98/21511

Dr.Web

Adware.Iminent.55

9.0.1.016

Emsisoft Anti-Malware

Adware.Yappyz

8.16.01.16.06

ESET NOD32

Win32/Toolbar.Iminent.C potentially unwanted (variant)

10.12296

Fortinet FortiGate

Adware/Toolbar

1/16/2016

F-Secure

Adware.Yappyz.A

11.2016-16-01_7

G Data

Adware.Yappyz

16.1.25

IKARUS anti.virus

PUA.Toolbar.Iminent

t3scan.1.9.5.0

K7 AntiVirus

Adware

13.210.17323

Kaspersky

not-a-virus:AdWare.Win32.ToolBar

14.0.0.809

Malwarebytes

PUP.Optional.Yappyz

v2016.01.16.06

McAfee

Artemis!B87FA8908E19

5600.6519

MicroWorld eScan

Adware.Yappyz.A

17.0.0.48

NANO AntiVirus

Riskware.Win32.ToolBar.dlohfy

0.30.26.3725

nProtect

Adware.Yappyz.A

15.09.24.01

Panda Antivirus

Trj/Chgt.L

16.01.16.06

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Quick Heal

PUA.ToolBar.07990

1.16.14.00

Reason Heuristics

PUP.Sien.SIENSA.Bundler (M)

16.1.16.6

Rising Antivirus

PE:Malware.RDM.41!5.2F[F1]

23.00.65.16114

Sophos

Generic PUA EP

4.98

SUPERAntiSpyware

PUP.Yappyz/Variant

9382

Trend Micro House Call

Suspicious_GEN.F47V1116

7.2.16

VIPRE Antivirus

Trojan.Win32.Generic

44022

Zillya! Antivirus

Adware.Toolbar.Win32.122

2.0.0.2412

File size:

769.3 KB (787,760 bytes)

Product version:

6.39.1.0

Original file name:

Setup.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

SIEN SuperInstall

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\yappyzuninstall\yappyzuninstall.exe

Digital Signature

Signed by:

SIEN S.A.

Authority:

VeriSign, Inc.

Valid from:

8/21/2012 9:00:00 PM

Valid to:

8/22/2014 8:59:59 PM

Subject:

CN=SIEN S.A., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SIEN S.A., L=Paris, S=France, C=FR

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

514EA00D30C8C244C3E818890BF73967

File PE Metadata

Compilation timestamp:

9/23/2013 9:36:36 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:rY/IHq40wSnvWV7c7Nv8q7q3t0OiPa8ON5viDdiAyktCdR4yy7RZ2V9g:9KcSnv+7c7NkJZiPa8OwdxyktC/0RZz

Entry address:

0x20B6A0

Entry point:

60, BE, 00, 50, 55, 00, 8D, BE, 00, C0, EA, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Packer / compiler:

UPX 2.90LZMA

Code size:

732 KB (749,568 bytes)

The file yappyzuninstall.exe has been seen being distributed by the following URL.

http://stapi.yappyz.com/yappyz/.../setup.exe

Remove yappyzuninstall.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.