» avs_video_converter_8.4.1.540_full_cracked5ba45d.exe
Overview
Analysis
File Details
Downloads (1)

avs_video_converter_8.4.1.540_full_cracked5ba45d.exe

WARP INSTALL

The software uses the Optimum Installer/Fusion Installer (Adknowledge) to download and install an offer stack of adware including toolbars, coupon extensions and various unwanted utilities. This installer is just a stub to present offers and download the expected software. The application avs_video_converter_8.4.1.540_full_cracked5ba45d.exe, “Premium Installer ” by WARP INSTALL has been detected as adware by 40 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer.

File name:

Publisher:

Premium Installer (signed by WARP INSTALL)

Product:

Premium Installer

Description:

Premium Installer

Version:

1.3.7.2

MD5:

3c61cdaa3d2fd15a49ab17adf075107d

SHA-1:

e2a5332d6d217f11746f178b3003532a3bc74024

Scanner detections:

40 / 68

Status:

Adware

Explanation:

This setup/installer bundles various adware components (toolbars, shopping extensions, utility offers).

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/19/2024 12:50:14 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Parite.B

1045

Agnitum Outpost

Win32.Parite.B

7.1.1

AhnLab V3 Security

Win32/Parite

14.03.26

Avira AntiVirus

W32/Parite

7.11.139.0

avast!

Win32:Parite

2014.9-140326

AVG

Win32/Parite

2015.0.3523

Baidu Antivirus

Virus.Win32.Parite.$b

4.0.3.14326

Bitdefender

Win32.Parite.B

1.0.20.425

Bkav FE

W32.Pinfi.B

1.3.0.4959

Clam AntiVirus

Heuristics.W32.Parite.B

0.98/18355

Comodo Security

Virus.Win32.Parite.gen

17997

Dr.Web

Win32.Parite.2

9.0.1.085

Emsisoft Anti-Malware

Win32.Parite

8.14.03.26.07

ESET NOD32

Win32/Parite

8.9599

Fortinet FortiGate

W32/Parite.B

3/26/2014

F-Prot

W32/Parite.B

v6.4.7.1.166

F-Secure

Win32.Parite.B

11.2014-26-03_4

G Data

Win32.Parite

14.3.24

IKARUS anti.virus

Virus.Parite

t3scan.2.2.29

K7 AntiVirus

Virus

13.176.11566

Kaspersky

Virus.Win32.Parite

14.0.0.4111

Malwarebytes

PUP.Optional.OptimumInstaller.A

v2014.03.26.07

McAfee

W32/Pate.b

5600.7179

Microsoft Security Essentials

Virus:Win32/Parite.B

1.10401

MicroWorld eScan

Win32.Parite.B

15.0.0.255

NANO AntiVirus

Virus.Win32.Parite.bgvo

0.28.0.58720

Norman

Pinfi.A

11.20140326

nProtect

Virus/W32.Parite.C

14.03.26.01

Panda Antivirus

W32/Parite.B

14.03.26.07

Qihoo 360 Security

Virus.Win32.Parite.H

1.0.0.1015

Quick Heal

W32.Perite.A

3.14.12.00

Reason Heuristics

PUP.Installer.WARPINSTALL.n

14.3.26.15

Rising Antivirus

PE:Win32.Parite.b!16043

23.00.65.14324

Sophos

W32/Parite-B

4.98

Total Defense

Win32/Pinfi.A

37.0.10841

Trend Micro House Call

PE_PARITE.A

7.2.85

Trend Micro

PE_PARITE.A

10.465.26

Vba32 AntiVirus

Virus.Win32.Parite.b

3.12.24.3

VIPRE Antivirus

Win32.Parite.b

27766

ViRobot

Win32.Parite.A

2011.4.7.4223

File size:

389 KB (398,292 bytes)

Product version:

1.3.7.2

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Adknowledge Fusion

Language:

English (United States)

Common path:

C:\documents and settings\administrateur\mes documents\downloads\avs_video_converter_8.4.1.540_full_cracked5ba45d.exe

Digital Signature

Signed by:

WARP INSTALL

Authority:

VeriSign, Inc.

Valid from:

10/4/2013 2:00:00 AM

Valid to:

9/21/2014 1:59:59 AM

Subject:

CN=WARP INSTALL, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WARP INSTALL, L=Kansas City, S=Missouri, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

52A35E3AC3B67E8CD7BB42D490658BBA

File PE Metadata

Compilation timestamp:

3/14/2014 7:31:48 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:FndL3LwyWRWaptn9e2d85XhDLdwW+NV5AwoC:zLweQ9eM85RdqNvKC

Entry address:

0x38000

Entry point:

68, 95, 38, 84, 01, 5B, BE, 1A, 80, 43, 00, 90, 90, BF, 98, 05, 00, 00, 31, 1C, 3E, 90, 90, 4F, 83, EF, 03, 75, F5, 90, 7D, 45, 85, 01, 95, 38, 84, 01, 95, 38, C4, 01, 4E, F6, 84, 01, B5, 65, 87, 01, 41, 5B, 87, 01, 95, 88, 86, 01, 94, 38, 84, 01, 9D, 48, C6, 01, 1F, 89, C6, 01, 03, 89, C6, 01, 79, A7, 86, 01, 1D, 89, 86, 01, 01, 89, 86, 01, 9D, 58, 86, 01, 1D, 89, 86, 01, 01, 89, 86, 01, 95, 38, 84, 01, 95, 38, 84, 01, 95, 38, 84, 01, 95, 38, 84, 01, BD, 48, C6, 01, 95, 38, 84, 01, 95, 38, 84, 01, 95, 38... 
[+]

Code size:

151 KB (154,624 bytes)

The file avs_video_converter_8.4.1.540_full_cracked5ba45d.exe has been seen being distributed by the following URL.

http://secure.4-pn-installer.com/o/.../AVS_Video_Converter_8.4.1.540_Full_Cracked5BA45D.exe

Remove avs_video_converter_8.4.1.540_full_cracked5ba45d.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.