» arquivo.exe
Overview
Analysis
File Details

arquivo.exe

Downloader

BR SOFTWARE LLC

The application arquivo.exe by BR SOFTWARE has been detected as adware by 22 anti-malware scanners. This setup program installs potentially unwanted software on the user's PC at the same time as the expected/marketing software, without adequate consent. The program is typically installed via a form of malvertising

File name:

arquivo.exe

Publisher:

BR SOFTWARE LLC (signed and verified)

Product:

Downloader

Version:

1.0.0.0

MD5:

d0ffc87e5924a73292e3367b56673fee

SHA-1:

1270de6e7defff157dce909436465e2d109553ae

SHA-256:

d08bd38508ce5869d131aefded0433179e98684003f382fc0f53cf23cb115994

Scanner detections:

22 / 68

Status:

Adware

Analysis date:

6/18/2025 11:09:51 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Rogue.8209214.1

7.11.56.52

avast!

Win32:Downloader-RBO [Adw]

2014.9-140917

AVG

AdInstaller.K

2015.0.3349

Bitdefender

Trojan.Generic.8209214

1.0.20.1300

Comodo Security

UnclassifiedMalware

14870

Dr.Web

Trojan.DownLoader7.11254

9.0.1.0260

ESET NOD32

MSIL/Adware.PCMega (variant)

8.7881

Fortinet FortiGate

Adware/Fam.NB

9/17/2014

F-Secure

Trojan.Generic.8209214

11.2014-17-09_4

G Data

Trojan.Generic.8209214

14.9.22

IKARUS anti.virus

Win32.Downloader.RBO

t3scan.1.3.5.0

Malwarebytes

Adware.Pcmega

v2014.09.17.12

McAfee

Artemis!D0FFC87E5924

5600.7005

Microsoft Security Essentials

SoftwareBundler:MSIL/Protlerdob

1.163.1557.0

MicroWorld eScan

Trojan.Generic.8209214

15.0.0.780

Norman

W32/PCMega.GK

11.20140917

nProtect

Trojan.Generic.8209214

13.01.11.01

Panda Antivirus

Trj/Downloader.VPT

14.09.17.12

Reason Heuristics

PUP.BRSOFTWARE.H

14.9.17.0

Trend Micro House Call

TROJ_GEN.RCBZ7LR

7.2.260

Trend Micro

TROJ_GEN.RCBZ7LR

10.465.17

VIPRE Antivirus

MSIL.Adware.PCMega

14968

File size:

17.8 KB (18,248 bytes)

Product version:

1.0.0.0

Original file name:

arquivo.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\arquivo.exe

Digital Signature

Signed by:

BR SOFTWARE LLC

Authority:

GlobalSign nv-sa

Valid from:

10/23/2012 10:26:53 AM

Valid to:

6/9/2015 3:58:43 PM

Subject:

CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, C=US

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

11215F1BC6E44C67E2EC1F91732D086B1909

File PE Metadata

Compilation timestamp:

10/15/2012 4:27:47 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:CRdyTnkKrcrM8LpGG2uujLLAFeZ3IFK2YIGx:tdcrMQ3euepWX+x

Entry address:

0x469E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

10 KB (10,240 bytes)

Remove arquivo.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.