home

download the messengers 1 temporada completa dublado e legendado.exe

MINDSTORM LLC

The application download the messengers 1 temporada completa dublado e legendado.exe by MINDSTORM has been detected as adware by 28 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from www.getld.space.
Publisher:
MINDSTORM LLC  (signed and verified)

MD5:
3507dacaf9b22adfe52a2272aa06048f

SHA-1:
10ec158ef049a979bf2c5e47b234e86b1c7bf2e0

SHA-256:
1337034cba637bb86a0f3d29f71a916819be7645858dd4344358c52d5f94e416

Scanner detections:
28 / 68

Status:
Adware

Analysis date:
5/17/2024 5:01:43 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Adload.G
5734311

AhnLab V3 Security
PUP/Win32.Bundler
2015.06.10

Avira AntiVirus
TR/Dldr.Adload.dmoum
8.3.1.6

Arcabit
Adware.Adload.G
1.0.0.425

avast!
Downloader-ACE [PUP]
150602-1

AVG
Downloader.NSIS
2014.0.4311

Baidu Antivirus
Adware.Win32.Genome
4.0.3.15610

Bitdefender
Adware.Adload.G
1.0.20.805

Comodo Security
TrojWare.Win32.TrojanDownloader.Adload.AGGL
22402

Dr.Web
Trojan.Fraudster.1564
9.0.1.05190

Emsisoft Anti-Malware
Adware.Adload
10.0.0.5366

ESET NOD32
NSIS/TrojanDownloader.Adload.AM trojan
7.0.302.0

Fortinet FortiGate
Adware/AdloadAM
6/10/2015

F-Secure
Adware.Adload.G
11.2015-10-06_4

G Data
Adware.Adload
15.6.25

K7 AntiVirus
Unwanted-Program
13.204.16191

Kaspersky
Trojan-Downloader.Win32.Genome
15.0.0.543

McAfee
Trojan.Artemis!3507DACAF9B2
17.6.569.0

MicroWorld eScan
Adware.Adload.G
16.0.0.483

NANO AntiVirus
Trojan.Nsis.Nurjax.drxdjs
0.30.24.2086

Norman
Adware.Adload.G
02.06.2015 14:23:46

nProtect
Trojan-Downloader/W32.Genome.70712
15.06.09.01

Reason Heuristics
PUP.Installer.MINDSTORM
15.6.10.0

Sophos
PUA 'AdLoad' (of type Adware)
5.15

Trend Micro House Call
TROJ_GEN.R021C0EEK15
7.2.161

Trend Micro
TROJ_GEN.R021C0EEK15
10.465.10

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.4

VIPRE Antivirus
Threat.4785227
40828

File size:
69.1 KB (70,712 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\download the messengers 1 temporada completa dublado e legendado.exe

Digital Signature
Signed by:
MINDSTORM LLC

Authority:
Starfield Technologies, Inc.

Valid from:
4/17/2015 1:55:38 PM

Valid to:
1/29/2016 12:16:38 PM

Subject:
CN=MINDSTORM LLC, O=MINDSTORM LLC, L=Lewes, S=Delaware, C=US

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
521E460BE5DA1DE8

File PE Metadata
Compilation timestamp:
12/5/2009 8:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:iQpQ5EP0ijnRTXJz5Q/F9CwEdw5NeCGfK2qd5tHCdhq:iQIURTXJz5uM6nKfideq

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file download the messengers 1 temporada completa dublado e legendado.exe has been seen being distributed by the following URL.

http://www.getld.space/ids/.../Download The Messengers 1 Temporada Completa Dublado e Legendado.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.