home

Britney Spears - Perfume.mp3.exe

To Having

Of Powdery

The application Britney Spears - Perfume.mp3.exe has been detected as a potentially unwanted program by 26 anti-malware scanners. This is a setup program which is used to install the application. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. The file has been seen being downloaded from stylestylelife.com and multiple other hosts.
Publisher:
Of Powdery

Product:
To Having

Description:
Of Uninebriated

Version:
1.8.8.8

MD5:
7e3c78ee02436b325d86ab7dd8980ca4

SHA-1:
725c98ac908a28ccedcdc24535679c29bae9b10c

SHA-256:
f6c275b50833ca9d859c4cdc83c001560ee3b52b9e35b6b7d603ffcf102a9142

Scanner detections:
26 / 68

Status:
Potentially unwanted

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/25/2024 2:50:57 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.16
6330919

AhnLab V3 Security
PUP/Win32.MultiPlug
2015.01.10

Avira AntiVirus
ADWARE/MultiPlug.Gen7
7.11.200.120

avast!
Win32:MultiPlug-DA [PUP]
150102-1

AVG
Adware Generic5.BIMM
2014.0.4253

Bitdefender
Gen:Variant.Application.Bundler.16
1.0.20.45

Bkav FE
HW32.Packed
1.3.0.6267

Comodo Security
Application.Win32.MultiPlug.PNU
20659

Dr.Web
Trojan.Crossrider.31895
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.16
9.0.0.4799

ESET NOD32
Win32/AdWare.MultiPlug.BS application
7.0.302.0

F-Prot
W32/A-90424497
v6.4.7.1.166

F-Secure
Riskware.Gen:Variant.Application.Bundler
5.13.68

G Data
Gen:Variant.Application.Bundler.16
15.1.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.190.14599

Kaspersky
not-a-virus:AdWare.Win32.MultiPlug
15.0.0.543

Malwarebytes
PUP.Optional.MultiPlug
v2015.01.09.09

McAfee
MultiPlug-FOQ
5600.6890

MicroWorld eScan
Gen:Variant.Application.Bundler.16
16.0.0.27

NANO AntiVirus
Riskware.Win32.MultiPlug.dekkbu
0.30.0.64448

Norman
Gen:Variant.Application.Bundler.16
02.01.2015 13:58:24

nProtect
Trojan-Clicker/W32.MultiPlug.747520
15.01.09.01

Rising Antivirus
PE:AdWare.Win32.MultiPlug.b!1075356081
23.00.65.15107

Sophos
PUA 'MultiPlug' (of type Adware)
5.09

Vba32 AntiVirus
Downware.MultiPlug.gen
3.12.26.3

File size:
730 KB (747,520 bytes)

Product version:
8.4.5.1

Copyright:
All rights reserved for Of Powdery LTD.

Original file name:
Britney Spears - Perfume.mp3.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\britney spears - perfume.mp3.exe

File PE Metadata
Compilation timestamp:
10/2/2012 12:15:08 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:P25iATXrwoKyTG1nsfz+RlrqHP0crYRxKrh68AVRzmalNwKs0P2Eu9V7R+XV7LT5:VUrH5z+RlrqH3WxKrxAvyONwF22JBR61

Entry address:
0x10CF7

Entry point:
E8, 9E, 3E, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, EF, 41, 00, E8, E3, 12, 00, 00, E8, 6B, 40, 00, 00, 0F, B7, F0, 6A, 02, E8, 31, 3E, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, F0, 04, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.8563  (probably packed)

Code size:
101 KB (103,424 bytes)

The file Britney Spears - Perfume.mp3.exe has been seen being distributed by the following 2 URLs.

http://stylestylelife.com/download/v2606?installer_file_name=Britney Spears - Perfume.mp3&product_file_name=converted file.mp3&product_title=ListenToYouTube.com&product_download_url=http://srv50.listentoyoutube.com/download/4pqYb21jmmdor6yq3JiTtGpkmGtoam1tm5rfhKKj3Jeih6iR1djXrZuV/Britney Spears - Perfume.mp3&product_name=Britney Spears - Perfume.mp3=2.3&layout_id=8&reffer=http://.../&for_html_installer=1&filesize=&st=0&uuid=zeIXHXV16LwyBZUNNTWALjTLdEElt09PoiTy4ZyhRineqPErgv7flkfIZZgn5MVvryBTv4qDi1g1ML1De6mW1V2lHPYUehZqf6cLtxSjmKIUuOlF98V38HnzTMiYTDneyheLule98l37fngQ3HBPouQJ92ieqX5q2bDvEZmbtcAsszANmh71AP3BYX9tNzpeE2KGSSeVHxYYp34HXqyDhIpH477SBcKXEYZXkqKQkyXAwCdhPwfJ08dw6gLrtIS8qx9oGFp8xBCGa1hO54ye7cPMoQSYQkZfDqdX40Vf4L7i8ThlVO2P95IcWW3ob9bkXdwXMUekx0FKngkrB3a65VENSZpGyAOhaLCUyAYytBykIneZLE7wNo5m0JKaxWJRB527IAjR0EQetGytlbY2sngqvF7oFKAgolCVQnnxGzsvqKzQUF5CnHB2k7NyEj9iLBEUiSQ4FNC6OzrS9zVqfy7FXijyqOKdUj8BaSvPOmnq72IbLraDSUBABOwMLIt3Vq1IsTwvzNRhnm2OQL

http://stylestylelife.com/v2606?product_name=Britney Spears - Perfume.mp3=2.3&product_title=ListenToYouTube.com&installer_file_name=Britney Spears - Perfume.mp3&product_file_name=converted file.mp3&product_download_url=http://srv50.listentoyoutube.com/download/.../Britney Spears - Perfume.mp3

Remove Britney Spears - Perfume.mp3.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.