– box de zé ramalho – 20 anos de carreira 3 cds.zip.exe

BR SOFTWARE LLC

The application – box de zé ramalho – 20 anos de carreira 3 cds.zip.exe by BR SOFTWARE has been detected as adware by 27 anti-malware scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from www.onlinemidia.com.
Publisher:
BR SOFTWARE LLC  (signed and verified)

Version:
1.0.0.0

MD5:
b866d90e36698cfc31fb970c8bbf3e2a

SHA-1:
ba8fc384fe0ce4916b5cc46da7093a6d5c0a9b08

SHA-256:
2ab1935a4c55fad861eb14a3a953c5e9390e90d3e00cc80dcda9f27043dc19ff

Scanner detections:
27 / 68

Status:
Adware

Analysis date:
4/25/2024 6:26:59 PM UTC  (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Generic.8485298 | 953 |
| Avira AntiVirus | Adware/PCMega.R | 7.11.140.122 |
| avast! | MSIL:Downloader-IO [PUP] | 2014.9-140627 |
| AVG | Downloader.ILAgent | 2015.0.3431 |
| Baidu Antivirus | Adware.MSIL.PCMega | 4.0.3.14627 |
| Bitdefender | Trojan.Generic.8485298 | 1.0.20.890 |
| Comodo Security | UnclassifiedMalware | 18029 |
| Dr.Web | Trojan.DownLoader7.39867 | 9.0.1.0178 |
| Emsisoft Anti-Malware | Trojan.Generic.8485298 | 8.14.06.27.09 |
| ESET NOD32 | MSIL/Adware.PCMega (variant) | 8.9621 |
| Fortinet FortiGate | Adware/Fam.NB | 6/27/2014 |
| F-Secure | Trojan.Generic.8485298 | 11.2014-27-06_6 |
| G Data | Trojan.Generic.8485298 | 14.6.24 |
| IKARUS anti.virus | SoftwareBundler | t3scan.2.2.29 |
| K7 AntiVirus | Riskware | 13.176.11623 |
| McAfee | RDN/Generic PUP.x!jy | 5600.7087 |
| Microsoft Security Essentials | SoftwareBundler:MSIL/Protlerdob | 1.10401 |
| MicroWorld eScan | Trojan.Generic.8485298 | 15.0.0.534 |
| NANO AntiVirus | Trojan.Win32.Generic.bcudhu | 0.28.0.58720 |
| nProtect | Trojan.Generic.8485298 | 14.04.01.01 |
| Panda Antivirus | Generic Malware | 14.06.27.09 |
| Qihoo 360 Security | Win32/Trojan.adware.c07 | 1.0.0.1015 |
| Reason Heuristics | PUP.BRSOFTWARE.t | 14.6.27.9 |
| Sophos | Mal/Generic-L | 4.98 |
| Trend Micro House Call | TROJ_SPNR.08A013 | 7.2.178 |
| Trend Micro | TROJ_SPNR.08A013 | 10.465.27 |
| VIPRE Antivirus | MSIL.Adware.PCMega | 27922 |

File size:
21 KB (21,496 bytes)

Product version:
1.0.0.0

Original file name:
downloadf.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ – box de zé ramalho – 20 anos de carreira 3 cds.zip.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
12/17/2012 9:09:14 PM

Valid to:
4/17/2013 4:03:06 PM

Subject:
CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, L=Lewes, S=DE, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B4E215C16A337

File PE Metadata
Compilation timestamp:
12/17/2012 9:07:50 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:DHMKM+QeYh3SvW+Q10JgF56Q/9Sjd+1dENeLNek+vDRbb2S:4SIBfHXdu/

Entry address:
0x4DDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 60, 00, 00, 80, 10, 00, 00, 00, 78, 00, 00, 80, 18, 00, 00, 00, 90, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 02, 00, 00, 00, A8, 00, 00, 80, 03, 00, 00, 00, C0, 00, 00, 80, 04, 00, 00, 00, D8, 00, 00, 80, 05, 00, 00, 00, F0, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
11.5 KB (11,776 bytes)

The file – box de zé ramalho – 20 anos de carreira 3 cds.zip.exe has been seen being distributed by the following URL.