» 00000001
Overview
Analysis
File Details

00000001

Sambamedia SL

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file 00000001 by Sambamedia SL has been detected as adware by 32 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

File name:

00000001

Publisher:

Sambamedia SL (signed and verified)

MD5:

ac5e147ae4cf19dc673594e77be5890e

SHA-1:

f367e61f473c8e7fde94ea39abbecd309aa46116

SHA-256:

d6ed7940d2562cfb6fde3efcec21cfe3a104c883cb9d1b30d8546a472db6f65e

Scanner detections:

32 / 68

Status:

Adware

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

4/26/2024 7:59:31 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.5

6226835

Agnitum Outpost

Riskware.Agent

7.1.1

AhnLab V3 Security

PUP/Win32.Bundler

2015.04.10

avast!

Win32:PUP-gen [PUP]

2014.9-150409

AVG

Generic

2016.0.3144

Bitdefender

Gen:Variant.Application.Bundler.5

1.0.20.495

Bkav FE

W32.HfsAdware

1.3.0.6379

Clam AntiVirus

Win.Adware.Multiplug-33061

0.98/21511

Comodo Security

Application.Win32.Softpulse.A

18505

Dr.Web

Trojan.Packed.26825

9.0.1.099

Emsisoft Anti-Malware

Gen:Variant.Application.Bundler

9.0.0.4799

ESET NOD32

Win32/SoftPulse.B potentially unwanted application

9.7.0.302.0

Fortinet FortiGate

Riskware/Generic.AC.867736

4/9/2015

F-Prot

W32/A-7488f3d7

v6.4.7.1.166

F-Secure

Riskware.Gen:Variant.Application.Bundler

5.13.68

G Data

Gen:Variant.Application.Bundler

15.4.25

herdProtect (fuzzy)

variant of new player.exe (Adware)

2015.7.12.12

K7 AntiVirus

Trojan

13.202.15544

Kaspersky

not-a-virus:Downloader.Win32.Agent

14.0.0.1747

Malwarebytes

PUP.Optional.DomaIQ

v2015.04.09.07

McAfee

PUP-FIG!80B7D2700B25

5600.6800

MicroWorld eScan

Gen:Variant.Application.Bundler.5

16.0.0.297

NANO AntiVirus

Trojan.Win32.Agent.dbitwg

0.30.10.952

Norman

Gen:Variant.Application.Bundler.5

03.12.2014 13:20:04

Panda Antivirus

Trj/Genetic.gen

15.04.09.07

Quick Heal

TrojanDwnldr.DriverUpd.A5

4.15.14.00

Reason Heuristics

PUP.Bundler.Softpulse

15.4.9.13

Rising Antivirus

PE:Malware.SoftPulse!6.197F

23.00.65.15407

Sophos

SoftPulse

4.98

Vba32 AntiVirus

Downloader.Agent

3.12.26.3

VIPRE Antivirus

Threat.4783235

30086

Zillya! Antivirus

Downloader.Agent.Win32.194602

2.0.0.2132

File size:

787.4 KB (806,288 bytes)

Bundler/Installer:

Softpulse SoftwareBundler

Common path:

C:\users\{user}\appdata\local\google\chrome\user data\default\file system\008\t\00\00000001

Digital Signature

Signed by:

Sambamedia SL

Authority:

GlobalSign nv-sa

Valid from:

4/28/2014 4:13:17 PM

Valid to:

4/29/2015 4:13:17 PM

Subject:

E=contact@sambamediasl.com, CN=Sambamedia SL, O=Sambamedia SL, L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121A6F5CA8560763435DF885221AE3B200F

File PE Metadata

Compilation timestamp:

5/22/2014 5:33:05 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:o21GT5b+s2KVzxFAu27Mms/p9kh3zPSBH/dRUshEMsPDaYBKDEWf8:o21lRKVzxFAbVshJBH/PHELa

Entry address:

0x4D137

Entry point:

E8, ED, 7A, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, 42, 36, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, D4, 0C, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, 95, 12, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, B4, 06, 00, 00, 83, C4, 0C, 39, 7D, 10, 74, B6, 39, 75, 0C, 73, 0E, E8, F3, 35, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, AD... 
[+]

Entropy:

6.3375

Code size:

454 KB (464,896 bytes)

Remove 00000001 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.