» adobe photoshop lightroom_10924_i63358921_il345.exe
Overview
Analysis
File Details

adobe photoshop lightroom_10924_i63358921_il345.exe

TeamViewer

A4 TOV

The application adobe photoshop lightroom_10924_i63358921_il345.exe by A4 TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

TeamViewer GmbH (signed by A4 TOV)

Product:

TeamViewer

Description:

TeamViewer 10

Version:

10.0.45862.0

MD5:

cb7f04bf0d5f2899c6440158bcfa21eb

SHA-1:

fc9f2c502551e1eaa20ac4f836469d179e9bc02a

SHA-256:

80930c47f0d53e22a8dc4c5073e75ca1f07fb942ad6dcfa680e1600d611acd67

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/13/2024 8:29:15 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonetize (M)

17.3.5.9

File size:

2.1 MB (2,198,496 bytes)

Product version:

10.0

TeamViewer GmbH

Trademarks:

TeamViewer

Original file name:

TeamViewer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\adobe+photoshop+lightroom\adobe photoshop lightroom_10924_i63358921_il345.exe

Digital Signature

Signed by:

A4 TOV

Authority:

COMODO CA Limited

Valid from:

9/16/2015 7:00:00 PM

Valid to:

9/16/2016 6:59:59 PM

Subject:

CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata

Compilation timestamp:

9/24/2015 10:12:48 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x292663

Entry point:

68, 63, D8, E1, 27, E8, F0, BE, FE, FF, 00, 00, 00, 47, 65, 74, 44, 65, 73, 6B, 74, 6F, 70, 57, 69, 6E, 64, 6F, 77, 00, BB, 12, 33, 37, 0E, 75, 2B, 97, B9, 08, 91, CB, 68, 46, B2, 6C, 31, 97, 39, 83, BF, 03, CC, C8, 43, C9, 7C, CC, C8, 75, E3, 75, 68, 46, C5, AF, CD, 97, B9, A9, CD, 04, 68, 46, C5, 12, 84, 33, 37, AB, E0, A7, 97, 39, 74, EF, 4B, 68, 46, 6C, C2, AC, 33, B7, C5, 25, 99, 33, B7, E8, 2F, AB, 33, B7, 91, 55, 97, 39, 86, 1F, CB, 68, 46, 6C, 23, 13, 97, B9, DA, 18, 5D, CC, 48, 01, C4, 64, 68, 46... 
[+]

Entropy:

7.9777 (probably packed)

Code size:

2.1 MB (2,151,936 bytes)

Remove adobe photoshop lightroom_10924_i63358921_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.