adobe dreamweaver cc.exe

Apps Installer S.L.

This is the Solimba installer program, which bundles additional offers, mostly adware and various unwanted PC utilities. The application adobe dreamweaver cc.exe by Apps Installer S.L. has been detected as adware by 29 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. During installation, it also installs potentially unwanted software on the user's computer without adequate consent. While running, it connects to the Internet address cdn.solimba.com on port 80 using the HTTP protocol.
Publisher:
Appsinstalls  (signed by Apps Installer S.L.)

Description:
setup mgr

Version:
3.1.12.2

MD5:
2b2cbc72ce14f9f4e593695d54aff51c

SHA-1:
c3dd0787f59c0424b83e9f8415b0f09a12b93466

SHA-256:
6b0fd5e5568afb3be8375db67b4a3d9a4f3a4cb970554166741721a33a44c6fc

Scanner detections:
29 / 68

Status:
Adware

Explanation:
This is a wrapped installation of legitimate software (without permission of the developer) that bundles adware such as toolbars and extensions.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/26/2024 12:01:57 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Bundler.Firseria.F | 5823004 |
| Agnitum Outpost | PUA.Firseria | 7.1.1 |
| Avira AntiVirus | APPL/FirseriaH.A.1 | 7.11.188.28 |
| avast! | Win32:Solimba-C [PUP] | 141119-1 |
| AVG | Adware BundleApp.DX | 2014.0.4189 |
| Baidu Antivirus | Adware.Win32.FirseriaInstaller | 4.0.3.141122 |
| Bitdefender | Application.Bundler.Firseria.F | 1.0.20.1630 |
| Clam AntiVirus | Win.Adware.Firseria-12 | 0.98/21511 |
| Comodo Security | Application.Win32.Firseria.CJL | 20156 |
| Dr.Web | Adware.Downware.4319 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Application.Bundler.Firseria | 9.0.0.4570 |
| ESET NOD32 | Win32/FirseriaInstaller.I potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/Generic.AC.1794300 | 11/22/2014 |
| F-Prot | W32/A-916a3aa0 | v6.4.7.1.166 |
| F-Secure | Application.Bundler.Firseria | 11.2014-22-11_7 |
| G Data | Application.Bundler.Firseria | 14.11.24 |
| IKARUS anti.virus | PUA.Morstar | t3scan.1.8.3.0 |
| K7 AntiVirus | Unwanted-Program | 13.185.14098 |
| Kaspersky | not-a-virus:AdWare.Win32.Fiseria | 15.0.0.463 |
| Malwarebytes | PUP.Optional.BundleInstaller.A | v2014.11.22.12 |
| MicroWorld eScan | Application.Bundler.Firseria.F | 15.0.0.978 |
| NANO AntiVirus | Trojan.Win32.DownLoader11.czvwwp | 0.28.6.63474 |
| nProtect | Trojan-Clicker/W32.Fiseria.512816 | 14.11.21.01 |
| Panda Antivirus | Adware/Solimba | 14.11.22.12 |
| Reason Heuristics | PUP.Installer.AppsInstallerSL.U | 14.11.21.23 |
| Sophos | Solimba Installer | 4.98 |
| Vba32 AntiVirus | Downware.Morstar | 3.12.26.3 |
| VIPRE Antivirus | Threat.5063891 | 35010 |
| Zillya! Antivirus | Adware.Fiseria.Win32.28 | 2.0.0.1990 |

File size:
500.8 KB (512,816 bytes)

Product version:
3.1.15

Copyright:
copyright ©2014

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\adobe dreamweaver cc.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
2/18/2013 9:00:00 PM

Valid to:
2/19/2015 9:59:59 PM

Subject:
CN=Apps Installer S.L., O=Apps Installer S.L., L=Barcelona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
323F44D66AEF890F43C32CFD743A4AD0

File PE Metadata
Compilation timestamp:
5/30/2014 6:27:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:XxcnJVK0iTmk/iCAkCcIL0zmB6KKMcWePoFjdz5c3S7zF20g6/UDuR7C8z0/Y7xI:XxcJULzaCAkaYk69Sv1UDuJCKDK

Entry address:
0xE84A

Entry point:
E8, 7C, 79, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 60, E4, 41, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 10, E1, 41, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 60, 54, 42, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 64...

Code size:
115.5 KB (118,272 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to cdn.solimba.com  (95.211.6.35:80)

TCP (HTTP):
Connects to api.downloadmr.com  (95.211.39.161:80)

 
http://api.downloadmr.com/installer/41913879/launch
