خطوات صنع مدونه للربح منها.rar_10924_i51658993_il345.exe

Runner Utility

BERSHNET LLC

The application خطوات صنع مدونه للربح منها.rar_10924_i51658993_il345.exe by BERSHNET has been detected as adware by 26 anti-malware scanners. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
6ce8dbb38630a5c2699c8d7576bc5c8b

SHA-1:
38da8113425470dced175113be53261d6537d22f

SHA-256:
08d8c58154a4d389a7f2833634e4a1c3da05bc60c3d233c24d3e838fc7ae1148

Scanner detections:
26 / 68

Status:
Adware

Analysis date:
4/26/2024 4:02:53 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Application.Jatif.320 | 577 |
| AhnLab V3 Security | PUP/Win32.LoadMoney | 2015.05.05 |
| AVG | Generic | 2016.0.3055 |
| Baidu Antivirus | PUA.Win32.Dlhelper | 4.0.3.1577 |
| Bitdefender | Gen:Variant.Application.Jatif.320 | 1.0.20.940 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | Application.Win32.LoadMoney.IARS | 22002 |
| Dr.Web | Trojan.Amonetize | 9.0.1.0188 |
| ESET NOD32 | Win32/Amonetize.DW potentially unwanted (variant) | 9.11574 |
| Fortinet FortiGate | Riskware/Agent | 7/7/2015 |
| F-Prot | W32/S-53544127 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Application.Jatif | 11.2015-07-07_3 |
| G Data | Gen:Variant.Application.Jatif.320 | 15.7.25 |
| K7 AntiVirus | Unwanted-Program | 13.203.15799 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.1772 |
| McAfee | Artemis!6CE8DBB38630 | 5600.6711 |
| MicroWorld eScan | Gen:Variant.Application.Jatif.320 | 16.0.0.564 |
| NANO AntiVirus | Trojan.Win32.Agent.dqszke | 0.30.24.1357 |
| Panda Antivirus | Trj/Genetic.gen | 15.07.07.02 |
| Qihoo 360 Security | HEUR/QVM16.0.Malware.Gen | 1.0.0.1015 |
| Quick Heal | PUA.Bershnetll.Gen | 7.15.14.00 |
| Reason Heuristics | PUP.BERSHNET (M) | 15.7.7.10 |
| Sophos | Generic PUA DI | 4.98 |
| Trend Micro House Call | TROJ_GEN.R047C0EDP15 | 7.2.188 |
| Trend Micro | TROJ_GEN.R047C0EDP15 | 10.465.07 |
| VIPRE Antivirus | Amonetize | 39940 |

File size:
1.5 MB (1,529,360 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\خطوات صنع مدونه للربح منها.rar_10924_i51658993_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/6/2015 1:00:00 AM

Valid to:
2/7/2016 12:59:59 AM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
4/12/2015 5:43:08 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:zCxfrC6zup//WeP4XZKQscTENJ7tqoHbqWTh97/cuebOwk4KvR2eRlDEPDsVj:WxzTzE/F0ZKYTcDHRd97/kbOw2vR2TsF

Entry address:
0x3D3F84

Entry point:
60, E8, 33, 27, 00, 00, 9C, E8, C2, 91, FF, FF, 8D, 64, 24, 34, 0F, 83, 3E, AF, FF, FF, E9, C1, CE, FF, FF, 52, 8B, 55, E8, C1, EA, 0B, 0F, AF, 10, 39, 55, E4, 0F, 83, FC, 9E, 00, 00, 89, 55, E8, BA, 00, 08, 00, 00, 2B, 10, C1, EA, 05, 01, 10, E8, C8, DA, FF, FF, F8, 5A, C3, 8D, 64, 24, 04, 0F, 87, 38, 2C, EA, FF, 60, C7, 44, 24, 1C, CE, 10, 28, 0A, E9, 5B, 84, FF, FF, 62, 54, A6, A4, A3, BD, 5B, 8D, DE, 7C, AF, 8B, 94, 86, A1, A5, 98, 3E, 23, 8F, A0, B6, F5, 31, 04, BE, 71, F9, 16, 2C, F4, 4B, DD, 48, 9E...
 

Packer / compiler:
ASPack v1.08.04

Code size:
187.5 KB (192,000 bytes)