chomikuj-artisteer.exe

The application chomikuj-artisteer.exe has been detected as a potentially unwanted program by 24 anti-malware scanners. It is a setup program used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been observed being downloaded from get2.downvision.com.

MD5: faf318a31bfe47a0dd820e52d732cca6
SHA-1: a66a36dba3bd221e73acd6f3b1dfe5a5401edd97
SHA-256: 2df01f658afeda7a62f3170dd04865be5628b73c51caa4368134370b3635ed20
Scanner detections: 24 / 68
Status: Potentially unwanted
Analysis date: 5/6/2024 6:35:22 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Graftor.122674 | 5821412 |
| Agnitum Outpost | Trojan.Zusy | 7.1.1 |
| AhnLab V3 Security | Adware/Win32.DownVision | 2014.11.21 |
| Avira AntiVirus | TR/Offend.KD.569515 | 7.11.30.172 |
| avast! | Adware-gen [Adw] | 141119-1 |
| AVG | Potentially harmful program Downloader.AJG | 2014.0.4189 |
| Bitdefender | Gen:Variant.Adware.Graftor.122674 | 1.0.20.1625 |
| Bkav FE | W32.Clod1b1.Trojan | 1.3.0.4959 |
| Clam AntiVirus | Win.Trojan.Agent-772685 | 0.98/19661 |
| Dr.Web | Threat.Undefined | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Graftor.122674 | 9.0.0.4570 |
| ESET NOD32 | Win32/DownVision.AA potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/Trojan2.NQMI | 4.6.5.141 |
| F-Secure | Gen:Variant.Adware.Graftor.122674 | 11.2014-21-11_6 |
| G Data | Gen:Variant.Adware.Graftor.122674 | 14.11.24 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.8.3.0 |
| K7 AntiVirus | Riskware | 13.185.14085 |
| Malwarebytes | Trojan.Agent | v2014.11.21.07 |
| MicroWorld eScan | Gen:Variant.Adware.Graftor.122674 | 15.0.0.975 |
| NANO AntiVirus | Riskware.Win32.Downware.xilpd | 0.28.6.63474 |
| Qihoo 360 Security | Malware.QVM13.Gen | 1.0.0.1015 |
| SUPERAntiSpyware | Trojan.Agent/Gen-DownVision | 10224 |
| Total Defense | Win32/multibar!dropper | 37.0.11291 |
| VIPRE Antivirus | Threat.4657539 | 34948 |

File size: 3.5 MB (3,649,536 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\Documents and Settings\{user}\My documents\downloads\chomikuj-artisteer.exe

File PE Metadata
Compilation timestamp: 3/15/2012 3:44:43 AM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.25
CTPH (ssdeep): 98304:atGCrXdNb7sFMiMZ5KRcPp0VsAZqnrp9:2RNAWXZjp0mVnr
Entry address: 0x564001
Entry point: F8, E8, 03, 00, 00, 00, E9, EB, 04, 5D, 45, 55, C3, E8, 01, 00, 00, 00, EB, 5D, BB, ED, FF, FF, FF, 03, DD, 81, EB, 00, 40, 56, 00, 83, BD, 7D, 04, 00, 00, 00, 89, 9D, 7D, 04, 00, 00, 0F, 85, C0, 03, 00, 00, 8D, 85, 89, 04, 00, 00, 50, FF, 95, 09, 0F, 00, 00, 89, 85, 81, 04, 00, 00, 8B, F0, 8D, 7D, 51, 57, 56, FF, 95, 05, 0F, 00, 00, AB, B0, 00, AE, 75, FD, 38, 07, 75, EE, 8D, 45, 7A, FF, E0, 56, 69, 72, 74, 75, 61, 6C, 41, 6C, 6C, 6F, 63, 00, 56, 69, 72, 74, 75, 61, 6C, 46, 72, 65, 65, 00, 56, 69, 72, 74...
Code size: 1.7 MB (1,825,792 bytes)

The file chomikuj-artisteer.exe has been seen being distributed by the following URL.
