yourdownload.exe

The application yourdownload.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from ttvdownloads.maynemyltf.netdna-cdn.com.
MD5:
6190c9363e88db9783a86b0e7abd097e

SHA-1:
94f926de9a1c335bb9d708b4ead947ab172b3a7f

SHA-256:
35cbc27b441d3fff5745bf185ecdad2c7959e2bbcb7c0c7b7433b2ab671a5961

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 12:52:10 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Application.Bundler.LT
9.0.0.4157

ESET NOD32
multiple threats
8.0.319.0

McAfee
Program.Artemis!E50423C905E2
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.798.0

Norman
Application.Bundler.LT
22.05.2016 07:18:28

File size:
317.8 KB (325,403 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\yourdownload.exe

File PE Metadata
Compilation timestamp:
12/6/2009 6:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:sQquQkC33Mhz9nGKtmzCqz43FDW+Z5HV8HFlWquKpOO3EMMf+0C7z:SkCH6ByC91W+Z56LRPhMf7CH

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.8890

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file yourdownload.exe has been seen being distributed by the following URL.

Remove yourdownload.exe - Powered by Reason Core Security