avira-antivir-personal-free-antivirus-12001125-downloader.exe

OCSClient

www.download-sponsor.de

The application avira-antivir-personal-free-antivirus-12001125-downloader.exe has been detected as a potentially unwanted program by 8 anti-malware scanners.
Publisher:
www.download-sponsor.de

Product:
OCSClient

Version:
1.00

MD5:
d1947f075d51487c2a0ba1aa7e51afdf

SHA-1:
738135fd9b0fbc6b7ad5de72bfa0c80e88bb2cd6

SHA-256:
1d168cef4d801baca1c8de409cec624416a0061031248f4a415231c16504ec03

Scanner detections:
8 / 68

Status:
Potentially unwanted

Explanation:
May bundle potentially unwanted software during setup with minimal user consent.

Analysis date:
3/30/2014 7:43:36 PM UTC  (three months ago)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

Avira AntiVir
APPL/Downloader.Gen
7.11.140.76

Dr.Web
Adware.Downware.2252
9.0.1.089

ESET NOD32
Win32/DownloadSponsor (variant)
8.9614

G Data
Win32.Application.DownloadSponsor
14.3.24

Trend Micro House Call
HV_ZYX_CA22677F.TOMC
7.2.89

Vba32 AntiVirus
Downware.VB.AndreClient
3.12.24.3

VIPRE Antivirus
DownloadSponsor
27864

File size:
500 KB (512,000 bytes)

Product version:
1.00

Copyright:
Copyright @ www.download-sponsor.de

Original file name:
ocsclient.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\user\downloads\avira-antivir-personal-free-antivirus-12001125-downloader.exe

File PE Metadata
Compilation timestamp:
6/1/2012 4:44:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:/K/ORf1fC0JkM8tPHjyN/Cs+zZjT4YkW2KanSDBfMysVufBn597NX2:/Pf9JkptPDIgwWo7ysgfBnnl2

Entry address:
0x1480

Entry point:
68, 8C, 48, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 17, 5D, 5D, 7C, BD, 4A, 4D, 4F, 95, 80, 4C, 02, 9C, 38, 5B, 25, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 4F, 43, 53, 43, 6C, 69, 65, 6E, 74, 00, 34, 36, 7D, 23, 32, 2E, 00, 00, 00, 00, FF, CC, 31, 00, 01, CB, 27, 30, 52, CC, D5, 70, 40, 90, CE, A9, 84, C1, C0, 1B, F5, D4, 5A, D4, AC, 9F, 94, AF, 4F, A5, 7F, 4E, 75, C8, E6, 2B, 8A, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
32 KB (32,768 bytes)

0 / 68
google-chrome-23-0-1271-97.exe  (d9bed5a37f1d1db0ca500ad907593bde5eea04e6)

0 / 68
avs-tv-box-1-5-1-100.exe  (8498477397f74c59262cf1f54f12cbea73179194)

0 / 68
gif_anim_lt.exe  (d0123cd2ed76205b1539d227e3ec36aaa16bad84)

0 / 68
mouserecorderpro-1.3-setup.exe  (2dd424a96532c8fd93d7b2861919b87d099b9abd)

0 / 68
xvid4psp_6.0_beta.exe  (475929feb01232af809db0f305df7ef5e85f256c)

0 / 68
daemon-tools-lite-4-46-1.exe  (759d0005ef439de1d8abcfb48e46eef947e6b14a)

0 / 68
r.c.g_pc_control.exe  (fb831dd85d9e4de0850c31ee2a4a9c6f8ef638f7)

0 / 68
tuneup 2012.exe  (38164ebc46038bb3b07e8d2f518242dce2f41475)

0 / 68
display_tuning.iso.exe  (c7115cef641c8c9dd35b98eb3449469bbf0d3f4e)

9 / 68      (PUP)
wordpad_2009_rc1.exe  (364ab05040db751dce79c00671587a6ee588f6d4)

0 / 68
power-point-2010.exe  (d0676c6c4ee16e34530bc68e0289c3000b6e1a61)

0 / 68
vpsetup-downloader.exe  (697e6b2c83eb216537c64f7e13e4d8ae195588d5)

0 / 68
wavosaur.1.0.7.0_en_.exe  (a711ff283f977b1eca2c19eaf85f2f85f3235dc3)

0 / 68
inslucaschess701-downloader.exe  (2db35006667107b3e6e65591944daff993afde0e)

0 / 68
fc_setup_0902b - chip-downloader.exe  (faf82f6a363f519ed9badc7da550e38fb0d77ecb)

0 / 68
fc_setup_0902b - chip-downloader.exe  (5f165e91e1aab297b824134c39cf6202921b637d)

Detection Incidence by Country