yet_another_cleaner_sk_0.exe

Setup

Elex do Brasil Participações Ltda

The application yet_another_cleaner_sk_0.exe by Elex do Brasil Participações has been detected as a potentially unwanted program by 3 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been observed being downloaded from fr.softonic.com and multiple other hosts.
Publisher:
Elex do Brasil Participações Ltda  (signed and verified)

Product:
Setup

Version:
1.0.178.26080

MD5:
5d4f94116e4f0da975683c3e511634a3

SHA-1:
100b1190d720b3a6d20d687bab64cb78e9673bfc

SHA-256:
9168593b921c14652bcf28711dfa5e2f644f64f1b1e7d7700173928b251cb838

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 2:12:00 AM UTC

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6379

Malwarebytes
PUP.Optional.ELEX
v2015.05.27.07

Reason Heuristics
Win32.Generic.Installer.ELEX.Meta
15.5.27.6

File size:
844.4 KB (864,648 bytes)

Product version:
1.0.178.26080

Copyright:
Copyright (c) 2011-2015 Elex do Brasil Participações Ltda

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\yet_another_cleaner_sk_0.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/13/2015 7:00:00 AM

Valid to:
7/13/2017 6:59:59 AM

Subject:
CN=Elex do Brasil Participações Ltda, O=Elex do Brasil Participações Ltda, L=Sao Paulo, S=Consolacao, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0671EE526ACB6F9BE201F5A8E203C41C

File PE Metadata
Compilation timestamp:
5/27/2015 11:37:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:C/cA0LPdknqybzoBx9122Ji8UMFX/tarKtJq2xC6MrBuRVK/ImsrPgM:C0/ZybUjHBIrKTCjsHmyoM

Entry address:
0x9F58

Entry point:
E8, 41, 40, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 15, 88, 70, 41, 00, 6A, 01, A3, AC, FE, 41, 00, E8, 2C, 45, 00, 00, FF, 75, 08, E8, C1, 44, 00, 00, 83, 3D, AC, FE, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, 12, 45, 00, 00, 59, 68, 09, 04, 00, C0, E8, 8F, 44, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, 11, 70, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 90, FC, 41, 00, 89, 0D, 8C, FC, 41, 00, 89, 15, 88, FC, 41, 00, 89, 1D, 84, FC, 41, 00, 89, 35, 80, FC, 41, 00, 89, 3D, 7C...
 

Code size:
86.5 KB (88,576 bytes)

The file yet_another_cleaner_sk_0.exe has been seen being distributed by the following 50 URLs.

