» ativador_windows_7_definitivo_todas_as_versoes_32_64_bits_ph_downs_downloader-q8rfsvhwi.exe.zip
Overview
Analysis
File Details
Downloads (1)

ativador_windows_7_definitivo_todas_as_versoes_32_64_bits_ph_downs_downloader-q8rfsvhwi.exe.zip

The file ativador_windows_7_definitivo_todas_as_versoes_32_64_bits_ph_downs_downloader-q8rfsvhwi.exe.zip has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from sub.reichtron.com.

File name:

MD5:

e56279a3b42a2668d9c2657961470223

SHA-1:

261db0873e53ec14ba289e2c59fb918f3f22217c

SHA-256:

ed1027cd30c790deb15a15bd171e7792d158e5e2627758afc04fcf25a4470b32

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 11:57:12 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Bundler.Meta (M)

16.6.22.17

File size:

380.4 KB (389,555 bytes)

Common path:

C:\users\{user}\downloads\ativador_windows_7_definitivo_todas_as_versoes_32_64_bits_ph_downs_downloader-q8rfsvhwi.exe.zip

The file ativador_windows_7_definitivo_todas_as_versoes_32_64_bits_ph_downs_downloader-q8rfsvhwi.exe.zip has been seen being distributed by the following URL.

http://sub.reichtron.com/Q8RfSvhWI6470d0fbcca20dbfa6d99f0a166d2f575V1AwvgTTJDYToyOntzOjI6InRzIjtpOjE0MzQ5Nzc1MDg7czoxOiJmIjtzOjcyOiIvaG9tZS93d3cvYXNzZXRzL2JldHRlcl9pbnN0YWxsZXIvaW5zdGFsbGVycy9jbGkvc2V0dXBfMTQzNDk3NDU0NTg2OS5leGUiO30=

Remove ativador_windows_7_definitivo_todas_as_versoes_32_64_bits_ph_downs_downloader-q8rfsvhwi.exe.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.