dlg.exe

Cyberservices B.V.

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application dlg.exe by Cyberservices B.V. has been detected as adware by 4 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer.
Remove dlg.exe - Powered by Reason Core Security
Publisher:
Cyberservices B.V.  (signed and verified)

MD5:
7a65e1e03f763fcff4d4b003be136bca

SHA-1:
f1b5d870b688f97495b0d034207be991be5a88c7

SHA-256:
4a3877ff71e95d106e10e910039f6fe9d6b628cecedb94841d49253f98c4c053

Scanner detections:
4 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
12/4/2016 5:11:33 AM UTC  (today)

Scan engine | Detection | Engine version
ESET NOD32 | Win32/DownloadGuide.A potentially unwanted application | 7.0.302.0
F-Secure | Adware:W32/Buzzrin | 11.2014-10-06_3
Reason Heuristics | PUP.CyberservicesBV.D | 14.6.10.10
VIPRE Antivirus | Threat.4890059 | 30086

File size:
457.9 KB (468,912 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou

Language:
English (United States)

Digital Signature
Authority:
COMODO CA Limited

Valid from:
2/10/2014 1:00:00 AM

Valid to:
2/11/2016 12:59:59 AM

Subject:
CN=Cyberservices B.V., O=Cyberservices B.V., STREET=Keizersgracht 62-64 NL, L=Amsterdam, S=Nordholland, PostalCode=1015CS, C=NL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
797CAC4561E8B8B21910CD01E0002669

File PE Metadata
Compilation timestamp:
6/6/2014 9:59:28 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:xqiYD1rcPt3QC/8Y5LUjUJIDaM+zTlztEtuKGdk8yF6GH8VPflPraKm33Bo0WtCN:xYcPtTX5RYX+zZ4vuVX1Hh0WtC7uM1vR

Entry address:
0x1C994

Entry point:
E8, A0, 48, 00, 00, E9, 89, FE, FF, FF, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 0C, DE, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF...
 

Code size:
170.5 KB (174,592 bytes)
