ce47f3ca-ebb1-a8cb-0bb5-0f9555638e68_1d1d2208af7f8e3
Program Setup
SecuredDownload
The file ce47f3ca-ebb1-a8cb-0bb5-0f9555638e68_1d1d2208af7f8e3 has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from tmpfile7631.s3.amazonaws.com.
File name:
ce47f3ca-ebb1-a8cb-0bb5-0f9555638e68_1d1d2208af7f8e3
Publisher:
SecuredDownload
MD5:
e8f4debf6b374ca4ed60f48945eabac3
SHA-1:
e068cea5700731b220752e4c242c6ba9464852ed
Scanner detections:
1 / 68
Status:
Potentially unwanted
Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.
Analysis date:
6/2/2024 9:06:10 PM UTC (today)
Scan engine
Detection
Engine version
Reason Heuristics
PUP.InstallCore (L)
16.7.16.22
File size:
915.9 KB (937,880 bytes)
Product version:
1.0.5.a0.1_59214
Copyright:
SecuredDownload
Language:
Language Neutral
Common path:
C:\ProgramData\microsoft\microsoft antimalware\scans\filesstash\ce47f3ca-ebb1-a8cb-0bb5-0f9555638e68_1d1d2208af7f8e3
The file ce47f3ca-ebb1-a8cb-0bb5-0f9555638e68_1d1d2208af7f8e3 has been seen being distributed by the following URL.