home

borderlands_2_ultimate_edition_1_7_incl_all_24_dlc_[eng]_repack_.exe

INSTALL DOT EXE

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application borderlands_2_ultimate_edition_1_7_incl_all_24_dlc_[eng]_repack_.exe, “Premium Installer ” by INSTALL DOT EXE has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Premium Installer   (signed by INSTALL DOT EXE)

Product:
Premium Installer

Description:
Premium Installer

Version:
2.4.8.1

MD5:
0823aefc4abcefea51e4854ce0b25290

SHA-1:
9837d252a24fa86c97b579fbd6df6004989d6898

SHA-256:
8a18f69c9c5c05aebca98113256c034e49b6ab24daceee2709679967fbd18d94

Scanner detections:
24 / 68

Status:
Adware

Explanation:
This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/19/2024 8:21:01 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.OptimumInstaller.1
833

Agnitum Outpost
PUA.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.IBryte
2014.10.25

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.181.10

AVG
Adware Skodna.Generic.AVJ
2014.0.4040

Bitdefender
Gen:Variant.Application.Bundler.OptimumInstaller.1
1.0.20.1485

Clam AntiVirus
Win.Adware.Agent-7113
0.98/21411

Comodo Security
Application.Win32.AgentCV.HWYE
19887

Dr.Web
Adware.Downware.2165
9.0.1.05190

ESET NOD32
Win32/AdWare.iBryte.Q application
7.0.302.0

Fortinet FortiGate
Riskware/Generic.AC.2152290
10/24/2014

F-Prot
W32/A-512ed8f8
v6.4.7.1.166

F-Secure
Gen:Variant.Application.Bundler
11.2014-24-10_6

G Data
Gen:Variant.Application.Bundler.OptimumInstaller
14.10.24

K7 AntiVirus
Unwanted-Program
13.185.13789

Malwarebytes
PUP.Optional.OptimumInstaller.A
v2014.10.24.04

MicroWorld eScan
Gen:Variant.Application.Bundler.OptimumInstaller.1
15.0.0.891

NANO AntiVirus
Trojan.Win32.Downware.ctroza
0.28.2.62841

Reason Heuristics
PUP.Installer.INSTALLDOTEXE.
14.10.24.15

Rising Antivirus
PE:Malware.iBryte!6.14BE
23.00.65.141022

Sophos
iBryte Optimum Installer
4.98

Vba32 AntiVirus
Trojan.Buzus
3.12.26.3

VIPRE Antivirus
Threat.4778314
33706

Zillya! Antivirus
Backdoor.PePatch.Win32.37929
2.0.0.1966

File size:
530.3 KB (543,016 bytes)

Product version:
2.4.8.1

Copyright:
Copyright (C) 2013 Premium Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Adknowledge Fusion

Language:
English (United States)

Common path:
C:\users\{user}\downloads\borderlands_2_ultimate_edition_1_7_incl_all_24_dlc_[eng]_repack_.exe

Digital Signature
Signed by:
INSTALL DOT EXE

Authority:
VeriSign, Inc.

Valid from:
10/3/2013 5:00:00 PM

Valid to:
9/20/2014 4:59:59 PM

Subject:
CN=INSTALL DOT EXE, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=INSTALL DOT EXE, L=Kansas City, S=Missouri, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4C8303B332693FCF64E1E7DFD7841493

File PE Metadata
Compilation timestamp:
2/14/2014 9:30:12 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:ItohBldpQEQyy8W/kcZsRjjcMb+RjuEzpSY:I2vl88W/UXb+RjuRY

Entry address:
0x35E39

Entry point:
E8, BB, 8D, 00, 00, E9, 78, FE, FF, FF, 6A, 0C, 68, 60, 5D, 47, 00, E8, 41, 36, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 1C, 03, 48, 00, 77, 22, 6A, 04, E8, BE, 8F, 00, 00, 59, 83, 65, FC, 00, 56, E8, 20, 9D, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 4D, 36, 00, 00, C3, 6A, 04, E8, A1, 8E, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 83, 3D, 74, EF, 47, 00, 00, 75, 18, E8, F2, 82, 00, 00, 6A, 1E, E8, 1A, 81, 00, 00, 68, FF, 00, 00, 00, E8, E3, 4D, 00, 00, 59, 59, A1...
 
[+]

Entropy:
6.4320

Code size:
393 KB (402,432 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.