home

download.exe

Alexey Kurilenko

The is the installer for the WebPick InstalleRex download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The application download.exe by Alexey Kurilenko has been detected as adware by 23 anti-malware scanners. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.
Publisher:
Alexey Kurilenko  (signed and verified)

MD5:
0eec09c5e33f70dda0c6417dd29fa0f5

SHA-1:
76e7b42bbd6afc5b861c812e3fbb2009eb07e944

SHA-256:
1553003d5031a8ca627480a8fa775b90a50cacc65ce3cc6235fa1a2c8e85ba35

Scanner detections:
23 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
5/10/2024 6:51:58 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
AdWare.W32.MultiPlug
2.1.4+

Agnitum Outpost
PUA.MultiPlug
7.1.1

AhnLab V3 Security
PUP/Win32.MultiPlug
2014.10.22

Avira AntiVirus
Adware/MultiPlug.aob
7.11.180.122

avast!
Win32:MultiPlug-CI [PUP]
141003-0

AVG
Adware Generic5.BENU
2014.0.4040

Clam AntiVirus
Win.Trojan.Multiplug-9
0.98/21411

Comodo Security
Application.Win32.MultiPlug.PNU
19871

Dr.Web
Trojan.Crossrider.28215
9.0.1.05190

ESET NOD32
Win32/AdWare.MultiPlug.BF application
7.0.302.0

F-Prot
W32/A-5958afe0
v6.4.7.1.166

IKARUS anti.virus
not-a-virus:AdWare.MultiPlug
t3scan.1.7.8.0

K7 AntiVirus
Adware
13.184.13741

Kaspersky
not-a-virus:AdWare.Win32.MultiPlug
15.0.0.494

Malwarebytes
PUP.Optional.MultiPlug.A
v2014.10.22.06

McAfee
MultiPlug
5600.6970

NANO AntiVirus
Riskware.Win32.MultiPlug.ddsvpv
0.28.2.62841

nProtect
Trojan-Clicker/W32.MultiPlug.665976
14.10.21.01

Reason Heuristics
PUP.AlexeyKurilenko.I
14.10.22.6

Sophos
MultiPlug
4.98

Vba32 AntiVirus
Downware.MultiPlug.gen
3.12.26.3

VIPRE Antivirus
Threat.4150696
33706

Zillya! Antivirus
Adware.MultiPlug.Win32.57
2.0.0.1962

File size:
650.4 KB (665,976 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Alexey Kurilenko

Authority:
Unizeto Technologies S.A.

Valid from:
6/17/2014 3:20:17 PM

Valid to:
6/17/2015 3:20:17 PM

Subject:
E=Alexey.kurilenko@hotmail.com, CN=Alexey Kurilenko, O=Alexey Kurilenko, C=RU

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
15D51642691B3EE20985639A8FE865DD

File PE Metadata
Compilation timestamp:
8/6/2014 6:01:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:pZVunYav79cKnZxCAgX2QRkOSllkpGF57Lsth6RpoX/wR4u2G:rsp9cWZVnQecI7Q+pOEEG

Entry address:
0xC461

Entry point:
E8, 3E, 3C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, 9F, 41, 00, E8, 19, 16, 00, 00, E8, 0B, 3E, 00, 00, 0F, B7, F0, 6A, 02, E8, D1, 3B, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, C4, 2C, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
82.5 KB (84,480 bytes)

Remove download.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.