home

00000001

Digital Plugin SL

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file 00000001 by Digital Plugin SL has been detected as adware by 28 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Digital Plugin SL  (signed and verified)

MD5:
f52f7f3dc59ab7e0fc675286d738bbef

SHA-1:
dd6429b21c7e7ee96dbcc75408e1cf109eef2cc0

SHA-256:
014b16eadee145e1ff48ff73b023638bf7172c6f5547d42baaae33b462536b55

Scanner detections:
28 / 68

Status:
Adware

Explanation:
Uses the DomainIQ download manager to bundle additional potentially unwanted software without adequate consent.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
4/19/2024 10:57:36 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.AA
865

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.DomaIQ
2014.09.23

Avira AntiVirus
TR/Dropper.Gen
7.11.30.172

avast!
Win32:SoftPulse-S [PUP]
2014.9-140922

AVG
Generic
2015.0.3343

Bitdefender
Application.Bundler.AA
1.0.20.1325

Clam AntiVirus
Win.Trojan.Softpulse-8
0.98/19414

Comodo Security
Application.Win32.SoftPulse.E
19585

Dr.Web
Trojan.Packed.28257
9.0.1.0265

Emsisoft Anti-Malware
Application.Bundler.AA
14.09.22

ESET NOD32
Win32/SoftPulse (variant)
8.10128

F-Prot
W32/A-93d66bbd
v6.4.7.1.166

F-Secure
Application.Bundler.AA
11.2014-22-09_2

G Data
Application.Bundler.AA
14.9.24

herdProtect (fuzzy)
variant of player_setup.exe (Adware)
2014.12.4.18

IKARUS anti.virus
PUA.DigiPlug
t3scan.1.6.1.0

K7 AntiVirus
Unwanted-Program
13.181.12795

Malwarebytes
PUP.Optional.DomaIQ
v2014.09.22.02

McAfee
SoftPulse
5600.6999

MicroWorld eScan
Application.Bundler.AA
15.0.0.795

NANO AntiVirus
Trojan.Win32.Softpulse.dcouet
0.28.2.62286

Panda Antivirus
Trj/Genetic.gen
14.09.22.02

Reason Heuristics
PUP.DigitalPluginSL.I
14.9.22.12

Sophos
DomainIQ pay-per install
4.98

Vba32 AntiVirus
Trojan.Buzus
3.12.26.3

VIPRE Antivirus
Threat.4150696
31208

Zillya! Antivirus
Trojan.Black.Win32.17179
2.0.0.1929

File size:
1.3 MB (1,385,104 bytes)

Bundler/Installer:
Softpulse SoftwareBundler

Common path:
C:\users\{user}\appdata\local\google\chrome\user data\default\file system\007\t\00\00000001

Digital Signature
Signed by:
Digital Plugin SL

Authority:
VeriSign, Inc.

Valid from:
5/26/2014 1:00:00 AM

Valid to:
5/27/2015 12:59:59 AM

Subject:
CN=Digital Plugin SL, O=Digital Plugin SL, L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6B59702469CAA1B8F0FE3A86D94D6266

File PE Metadata
Compilation timestamp:
7/17/2014 2:22:07 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:h3YD8/uAvukLLfGYudfVHlG6EvJ72DgiB8mdtBA1FYTtkUnO3lOe1:zhzPYlJlG1vJ720iBXzT6F3lO8

Entry address:
0x6736

Entry point:
E8, 74, 43, 00, 00, E9, 7F, FE, FF, FF, E9, B5, 13, 00, 00, FF, 35, B0, 2E, 47, 00, FF, 15, E4, 40, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 6B, 3B, 00, 00, 6A, 01, 6A, 00, E8, 82, 48, 00, 00, 83, C4, 0C, E9, 99, 48, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, D9, 48, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, A6, 13, 00, 00, 59, 85, C0, 74, E6, C9, C3, 6A, 01, 8D, 45, FC, 50, 8D, 4D, F0, C7, 45, FC, 44, 9D, 46, 00, E8, A8, 2F, 00, 00, 68, 4C, F7, 46, 00, 8D, 45, F0, 50, C7, 45, F0, 3C, 9D...
 
[+]

Code size:
74.5 KB (76,288 bytes)

Remove 00000001 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.