yet_another_cleaner_dnt.exe

YAC Security Protection

Elex do Brasil Participações Ltda

The application yet_another_cleaner_dnt.exe by Elex do Brasil Participaçõesa has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from adm.soft365.com and multiple other hosts.
Publisher:
Elex do Brasil Participações Ltda  (signed and verified)

Product:
YAC Security Protection

Description:
Setup

Version:
4.7.36.12168

MD5:
3889bcf819f66da9dcac350d400ae081

SHA-1:
27e3688daa345307aa0aa0c430ae849e36675864

SHA-256:
beddd2b868e90c5a26f873be5b5de6d284b359a12c072ba345fa58f3f5516766

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 11:12:45 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.ELEX
4.0.3.14620

Reason Heuristics
PUP.Optional.Installer.X
14.6.20.6

File size:
707.2 KB (724,152 bytes)

Product version:
4.7.36.12168

Copyright:
Copyright (c) 2011-2014 Elex do Brasil Participações Ltda

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\yet_another_cleaner_dnt.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
9/24/2013 6:46:21 AM

Valid to:
8/17/2014 9:28:53 AM

Subject:
CN=Elex do Brasil Participações Ltda, O=Elex do Brasil Participações Ltda, L=Consolação, S=São Paulo, C=BR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11215F51916F2BB9F54E82871FEA88CE8F5E

File PE Metadata
Compilation timestamp:
6/19/2014 12:54:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:O715shZ/FA5UNsdAaDO0fW6KdsY7g3jzY2+f0Yl2O8g3c/:OZUZ/FA5UNLay0fW/Tgz1+ffl2630

Entry address:
0xC2D2

Entry point:
E8, 3F, 3A, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, BC, F6, 41, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 38, E2, 41, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, BC, F6, 41, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00, 00, F7, C6...
 
[+]

Code size:
88 KB (90,112 bytes)

The file yet_another_cleaner_dnt.exe has been seen being distributed by the following 50 URLs.

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=qyh7lMhjNIEbIPoksPdzQVy4hN0m3U1JBgfvNBqot86L0llsNNEwy4IWYQ7xUG7Z2fZB7F45z1legZSmZTzet6m9fxKjFZflAkXPnasr4urqTFsqnE74LbxZIi0CsdWWJl8-NQkBYPxlr2rJKxeAalya4PBJot6d-5LTtWpu_FpDSDujNBraffWrNwjGwMf14YTBKmRlgsPiBVuscoU-0a2v7M0Ptq8BkGZNfIKmPrvEDjAi6f44RlsIrIMsdcqcdZQg2zPSMvj3-SBQm6WV1fqffxcaxG1fXKjuSDNtqfz0axrgi88i2w10AWtebLm4Y1UlvKGqG4gOuL5NcNJo6TM3qtD3URw7XgduPP-GxC94N0NyF2ZwFQo4n21jM43qgq6gN5ufrjHTQQlT8KWACd65NGhsNCBK2_p1iy09F7tln6_yjO8dGhhFEwR0K_IaAVrhVp8XbiPzO7a71V8&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=brod

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=p-xqFkDE6_oQUrZ0aA7eH-cgaroYdD3qjfcZnydoPG3T5G2mPRoTUKPEXv6PUox2z7NyCMHUFN5qf5fvbx7JzMb6eIRzTo3HQzilXu1pOKu_B6tBoZwHOsbk2N76BFmM6vW8cFE9gvNx7IJtmR6R8JvSqd6gk0Jaz344C6yvTryTXbQkww4_YiZ-9f_syX_4RMwcNegZgeV7RV72oD7prZ1nMha3n4IXDwTtA9LZSM4Umhd0gwG0nNE-J0FlQItLIZH0Wd8d0l_iRz-gcP0Ca2k5ZRYtiUngoI3Mzoohx-BOJvrg-vAq64BRAqoKOqNNLat5ML-Hy5IsAYWajd6CXUZaqZqp3dZEr3S4DHayY9Y8XEFnt1fkleXbUO9koa92JbEawtc0i2n_siXEOCmQ2lt9HlX4BkT-vzuE5LL8lC2HfYHGPMQlEuUjuWb3pZ0lX8-8DoN7n2BPTVn-zNc&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://nym1.ib.adnxs.com/click?exSuR-F6pD9YObTIdr6fP1g5tMh2vp8_G6C0fvdfoj-3UvFxorWnPw-VqaJ4HGJKhCgbupq86TANK6ZTAAAAAHMKJQCZBwAAdgIAAAIAAABlbPoAF9cFAAAAAQBVU0QAVVNEACwB-gBzDwAAK68AAgUAAQIAAI4Aiya_sQAAAAA./cnd=!1QazQgjsmvQBEOXY6QcYl64XIAA./referrer=http://www.youtube.com/watch?v=a6V8F_bRg38/clickenc=http://adm.soft365.com/ads/adsavess?sid=yac&ptid=broe&subid=nym1CITR7NCrk-_0MBACGI-qppWKj4exSiIOMTgxLjg4LjE3Ni4yMDEoATCN1pidBQ..&lplink=http://www.yac.mx/download/config/down.php?pt=broe

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=mLUntZdKmGUEKpvGd6SEeLR2_47NqEyRnDWhdmKVOX-RZHe7ObHJxgp7a7LtTYR2B9SZqQweE-XscyAgpS3KkQ-ZCZLvDu4KiW-LE0XSA9PDmu-RX2wSrIGUN0xrp_vObPkoyVwVFe4HgOBSzozQn8jpW8GTEjfjAioHUgs69kE6pXGjFjw2piS1b6lIAQBAHYvgChC_NA2TIze19WAufJIHWL7fRFDc2Bq9G87Zh5VHb56eTeLeDH3yK85pm1g7Wa3aV1blgW_rszDy2Iyn0uONjbCYtzyyAJKNIHYpDp7hqbwlQsw5NyVeI9UdD507053HWAg7DkJRMFm2dFJTn9t2JXpLy9YG7VaniU1RXuj5v1cz10zwngSQVbl9rDm6lSsFky47hMseQyoCZa4BBvN3wZubXQVSLg6-aVJ-4bglQqFWZocn_eFPl-jaqPrFetE2ZgXZtE8JHkCFWwpbhQ&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://dl_149.yac.mx/download/.../yet_another_cleaner_broe.exe

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=4_6LFveQtbSBaIWGqd3v97jy1WH1NyVdhe9yoBw34aDvUs8NE-1qOMfvRarfj9YF_UZAqvT87D_aAvJv6sgdeId7JmgmieuQuNBtg1Uu2pRjInU_4PJDzgel5ttQkpZ0NoBXQXKhiSg2HJ1f8EWhRZpVl0xUeaFtWQSFhFjY1QzNAOgOZsLjnLAnbU-lci_H-YFmyD10ML0jkdVr3mbTZxfI-IE87m_85CIAtoacGec7QvhMaN0-elAagCwFGd2Bl0vHEZ0QryQPEwaq9-F80WjtRsXa4BaegTMe9aeO3OKrYoWoqbspWWxOkURGxV1rSkfoBROLuCcQXfV3CEY0iqTK16uYeQzcJWzQHZvvNW-SQ_rtWM14naSlzkLBjFIGx3y8h9HvgYHeyKq7pYLQhREXyT5-21Yqrk5-5P1OJq7Ry-w4qUsykRujR-WpzvBd_-Uh9MOsDtOLC__0yy48WRHnpQ&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=crpbU9Aw2ealaOMZwClWxKDTNd7yrJUULg9Mm2CNwMzCi0TRk1LviBU31D7l98E-i-JEdYFVVZZ8ud0dNBAwOrjU2dcrusjU3wDg0JPPbV4zctRtLg1DRVZl_5dMHTgfkv0o0x9s46_7Hc6V5R1CWRMFZBHPQJlKopfcvQgMhLXGR-8j3KHDuE1eKk7Re-safml4PbvuR1-eC7j9K8Gs44GFNVaXuczocOKSgJHXKMqFaEXqtqqVVv6Cot1Xm8kE_WzfhVM-R3HUpfkCk39ls8j7czFmlX3B2a-tttXHB0NrTA0jGfU5f5C_UQw1MxWAY_6K3Z_xkKIiuQ8e51DuMj1mi58890c_cU4siQtCFdkKGk-SvQ_JoSEmnzrqVIODPV9oQP_WqWrkAJ74dwlhdUeVEfpY7SMtHhMFSlqJdQOFbmcldAVTUTxnUOaiF2cLL2oB1-5ce0bAFDQ9qAo&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=kwob

http://www.yac.mx/download/.../down.php?pt=xtva

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=Mz_pOrNq6kvuGqawgL7n5q3X4q6j_oVbScaGlqd_-40Z8VpxHfpF93yqtENSnm4Ud-U5PhB1brgTPfrGQCqa8OKIkrH95FwzasZHw5UY-Jmw0WBuczr9PFSEPN5p6fjRjuHhyJX9WPagxG5ih292QGA9XTrvz8FuyvYQz3XMvYp18nha0v06FfQcyV3RbP2v8_c_3WM7TDQBZqXkJg5xr8NO_sjdrq3VrkUOI-s7QNRRW5Hap5TXJVOn16WLNasMQnmQq5If7crKUZ96AXWMOXJL5q3zqAN-wvvSQdHXlJ_Xz7Xm_ax3Wqnnik2gkpIATC5TFl7ZAeqIqDul4ut6Pr8rzZtB4cSECdgpjnA36O0CxZbex4c8MeMgu7ajVkNlHl2wOavhdr5fcgxWi0QON2BHcNbA9EnqC-_JEx856l1tDT3dAt07KCJ-vZfKXseT9ZNRbSXVglo9fuLATpPXQy2yH2rR3bFS&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://www.yac.mx/download/.../down.php?pt=glp

http://adm.soft365.com/ads/adsavess?sid=yac&ptid=mmacn&subid=DjDkqBZrrJwbhSTiX5ShpcdoPQWGiwwQv7n5YFbxfO9C-NvaglkXu0pemJeSiXoFwZDjQSPLsOQ2qxv3XBF5eMLlCuduXEDvhHSpk4awmtiFm77omPdWlNzldb8smbkAPZI7cHIfgArwMDbDyMfIl4CVehQ9Kyu1HDuNvMsIad_sWKUGDO3VfVurDLNxGLrn5qEJ-xBKXxk42hrczEPAiSvxDPSBYU60sRD2TawhgKC_FWZeInmhH6nqIURRJHTZWdueRV-g5_5ujGHOsLATrav4lMWv3AvPI7dmjQdVhIj2QumqTT_B7hgyyRKge-KCJ-aGXFhG2s6fOADiVdmAHgGeF6rbY6AnERiaJ3FjErfJXT4UNS5Fpu2KmjK-tEQ4H92NO9aF4xcJ-69tv3KhmKjeODakPmFI-M9VsUMeQgvT6SbBNF6NRAHsF1dqjntL2YWZWw&lplink=http://www.yac.mx/download/.../down.php?pt=mmacn

http://nym1.ib.adnxs.com/click?IJ-Be2VpeD9NSsNuvaB0P_yp8dJNYuA_TUrDbr2gdD8gn4F7ZWl4P1q7Rdy9JYATP4nh9vGsK0r2paVTAAAAAJN7JwDIAQAAdgIAAAIAAABxbPoAGcsFAAAAAQBVU0QAVVNEANgCWgDDBQAA9bMAAQUAAQIAAJAApCkHPgAAAAA./cnd=!ywbVQgjsmvQBEPHY6QcYmZYXIAA./referrer=www.macrojuegos.com/clickenc=http://adm.soft365.com/ads/adsavess?sid=yac&ptid=broe&subid=nym1CL-ShrefnuuVShACGNr2luLdt4nAEyIPMTg2LjE4Mi4xNjEuMTAxKAEw9suWnQU.&lplink=http://www.yac.mx/download/config/down.php?pt=broe

Latest 30 of 72 download URLs

Remove yet_another_cleaner_dnt.exe - Powered by Reason Core Security