afgytdrp_386329_setup.exe

GOffer

The application afgytdrp_386329_setup.exe has been detected as a potentially unwanted program by 30 anti-malware scanners. It is a self-extracting archive and installer; however, the file is not signed with an Authenticode signature from a trusted source.

Product: GOffer
Version: 1.0.3.9
MD5: 79218045183280da28a264b8e7387a86
SHA-1: 64f43730233da185382f93460707103b071553d0
SHA-256: 6af69b86e793d3e3b3f8164f026526435378631438435c4ed07f963f5e819b38
Scanner detections: 30 / 68
Status: Potentially unwanted
Analysis date: 4/26/2024 6:31:28 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Zusy.73969 | 1135 |
| Agnitum Outpost | Trojan.Adware | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2013.12.27 |
| Avira AntiVirus | ADWARE/Adware.Gen7 | 7.11.125.176 |
| avast! | Win32:Adware-BHL [PUP] | 2014.9-140118 |
| AVG | Luhe.MSIL.F | 2014.0.3613 |
| Baidu Antivirus | Trojan.MSIL.Dropper | 4.0.3.131227 |
| Bitdefender | Gen:Variant.Adware.Zusy.73969 | 1.0.20.1805 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Zusy.73969 | 8.13.12.27.04 |
| ESET NOD32 | Generik.EONNDVZ (variant) | 8.9307 |
| Fortinet FortiGate | Adware/Fam.NB | 12/27/2013 |
| F-Secure | Gen:Variant.Adware.Zusy.73969 | 11.2013-27-12_6 |
| G Data | Gen:Variant.Adware.Zusy.73969 | 13.12.24 |
| IKARUS anti.virus | Trojan-Dropper.MSIL | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.175.10881 |
| Kaspersky | Trojan-Dropper.MSIL.Agent | 14.0.0.4559 |
| Malwarebytes | Adware.GoOffer | v2013.12.27.04 |
| McAfee | RDN/Generic Dropper!st | 5600.7269 |
| MicroWorld eScan | Gen:Variant.Adware.Zusy.73969 | 14.0.0.1083 |
| nProtect | Adware/W32.Agent.245760 | 14.01.17.02 |
| Panda Antivirus | Generic Malware | 13.12.27.04 |
| Quick Heal | TrojanDropper.Agent.gen | 1.14.12.00 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D | 23.00.65.131225 |
| Sophos | Generic PUA GE | 4.96 |
| Trend Micro House Call | ADW_CROSSID | 7.2.361 |
| Trend Micro | ADW_CROSSID | 10.465.18 |
| Vba32 AntiVirus | TrojanDropper.MSIL.Agent | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 25540 |
| ViRobot | Trojan.Win32.S.Agent.245760.AO | 2011.4.7.4223 |
| XVirus List | Win.Detected | 2.3.31 |

File size: 240 KB (245,760 bytes)
Product version: 1.0.3.9
Copyright: Copyright © 2013
Original file name: GOffer.exe
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\appdata\local\temp\afgytdrp_386329_setup.exe

File PE Metadata

Compilation timestamp: 12/25/2013 9:06:51 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
CTPH (ssdeep): 6144:Aq9J/Ui9oq6VWI1cbu/s5m1pIY+YyDLMY8Tzk9:5j9lOWccbus58OY+YyDyT
Entry address: 0x3D5A2

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, D0, 03, 00, 0C, 00, 00, 00, A4, 35, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 237.5 KB (243,200 bytes)

Remove afgytdrp_386329_setup.exe - Powered by Reason Core Security