avg-anti-virus-free-edition-2014.exe

Tuguu SLU

This file is part of Tuguu DomaIQ, a download manager that bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application avg-anti-virus-free-edition-2014.exe by Tuguu SLU has been detected as adware by 21 anti-malware scanners.
Publisher:
Tuguu SLU  (signed and verified)

MD5:
f414c2cb3cb40583ff90f67712b7f613

SHA-1:
0f7f005faf909b1d6cb37eec89c8f4380a9b32c4

SHA-256:
01bcc010ca88b82badf16b8280ef188c709a27e52388cda94ebb6aefed06f921

Scanner detections:
21 / 68

Status:
Adware

Explanation:
Uses the DomainIQ download manager to bundle additional potentially unwanted software without adequate consent.

Analysis date:
4/19/2024 10:50:14 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.331796 | 1051 |
| Agnitum Outpost | PUA.DomaIQ | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.DomaIQ | 14.03.20 |
| Avira AntiVirus | APPL/DomaIQ.Gen | 7.11.138.26 |
| AVG | Skodna.Bundle_r.U | 2015.0.3529 |
| Dr.Web | Trojan.DownLoader9.15042 | 9.0.1.079 |
| ESET NOD32 | Win32/DomaIQ.AZ (variant) | 8.9567 |
| F-Secure | Gen:Variant.Kazy.331796 | 11.2014-20-03_5 |
| G Data | Win32.Application.DomalQ | 14.3.24 |
| herdProtect (fuzzy) | | 2014.5.15.3 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.2.2.29 |
| Kaspersky | not-a-virus:AdWare.MSIL.DomaIQ | 14.0.0.4142 |
| Malwarebytes | PUP.Optional.Domalq | v2014.03.20.02 |
| McAfee | Adware-DomaIQ!7727D06EC3A7 | 5600.7185 |
| MicroWorld eScan | Gen:Variant.Kazy.331796 | 15.0.0.237 |
| NANO AntiVirus | Trojan.Win32.DomaIQ.cswtvq | 0.28.0.58491 |
| Panda Antivirus | PUP/MultiToolbar.A | 14.03.20.02 |
| Reason Heuristics | PUP.TuguuSLU.a | 14.8.7.21 |
| Sophos | DomainIQ pay-per install | 4.98 |
| Vba32 AntiVirus | BScope.Downware.DomaIQ | 3.12.24.3 |
| VIPRE Antivirus | DomaIQ | 27574 |

File size:
311.1 KB (318,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\avg-anti-virus-free-edition-2014.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
1/27/2014 1:49:17 PM

Valid to:
1/28/2015 1:49:17 PM

Subject:
E=victor.camacho@tuguu.com, CN=Tuguu SLU, OU=Tuguu S.L.U, O=Tuguu SLU, L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216AFFC1DE70132006AD15B9EFFB99386B

File PE Metadata
Compilation timestamp:
1/29/2014 7:17:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:rk6y336SLWmpqVWNwXLXuvfxMmJGUFpTqRau6AKnOA2ys+9e+3c5kzdCMFFV0DlF:rxg36PWNw7XuBWmkeVd9wxpbYzS

Entry address:
0x1576

Entry point:
E8, BC, 26, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, D8, CF, 40, 00, 89, 0D, D4, CF, 40, 00, 89, 15, D0, CF, 40, 00, 89, 1D, CC, CF, 40, 00, 89, 35, C8, CF, 40, 00, 89, 3D, C4, CF, 40, 00, 66, 8C, 15, F0, CF, 40, 00, 66, 8C, 0D, E4, CF, 40, 00, 66, 8C, 1D, C0, CF, 40, 00, 66, 8C, 05, BC, CF, 40, 00, 66, 8C, 25, B8, CF, 40, 00, 66, 8C, 2D, B4, CF, 40, 00, 9C, 8F, 05, E8, CF, 40, 00, 8B, 45, 00, A3, DC, CF, 40, 00, 8B, 45, 04, A3, E0, CF, 40, 00, 8D, 45, 08, A3, EC, CF, 40...
 

Entropy:
5.8799

Code size:
30.5 KB (31,232 bytes)
