home

downloadacceleratorsetup.exe

The application downloadacceleratorsetup.exe has been detected as a potentially unwanted program by 25 anti-malware scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.ultimatedownloadaccelerator.com.
MD5:
e4c4049ae4def15daf18c8167196c86d

SHA-1:
39c36b04b1927a22a1e2877dd46f0d5f17f95ed2

SHA-256:
2e1283a0cc21ab3942af31e11b878bca9345188e1116aa2a7f5f8a68363287b5

Scanner detections:
25 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/20/2024 3:27:35 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Generic.454347
782

Agnitum Outpost
PUA.InstallCore
7.1.1

Avira AntiVirus
APPL/Downloader.Gen6
7.11.183.128

avast!
Win32:InstallCore-FV [PUP]
141025-0

AVG
Adware InstallCore.CD
2014.0.4189

Bitdefender
Adware.Generic.454347
1.0.20.1740

Bkav FE
W32.HfsAutoA
1.3.0.4959

Comodo Security
Application.Win32.ClickRun.A
20005

Dr.Web
Adware.InstallCore.59
9.0.1.05190

Emsisoft Anti-Malware
Adware.Generic.454347
8.14.12.14.09

ESET NOD32
Win32/InstallCore.AK potentially unwanted application
7.0.302.0

F-Prot
W32/InstallCore.V2.gen
4.6.5.141

F-Secure
Adware.Generic.454347
11.2014-14-12_1

G Data
Adware.Generic.454347
14.12.24

K7 AntiVirus
Unwanted-Program
13.185.13930

Malwarebytes
PUP.Adware.InstallCore
v2014.11.06.11

MicroWorld eScan
Adware.Generic.454347
15.0.0.930

NANO AntiVirus
Trojan.Win32.InstallCore.cqthpr
0.28.6.62995

Panda Antivirus
PUP/MultiToolbar.A
14.12.14.09

Reason Heuristics
Threat.Win.Reputation.IMP
14.12.14.21

Rising Antivirus
PE:Malware.XPACK-LNR/Heur!1.5594
23.00.65.141104

Sophos
Install Core Click run software
4.98

SUPERAntiSpyware
Adware.InstallCore
10254

Trend Micro House Call
TROJ_GEN.RCBH1HA
7.2.348

VIPRE Antivirus
Click run software
34562

File size:
1 MB (1,059,600 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\downloadacceleratorsetup.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Pvp9uTe4g67FdzvB6g34o+6ON/7H520ykHfveo6lJ+:HpbIIoXON/7H0MHeocJ

Entry address:
0xC63C0

Entry point:
55, 8B, EC, 83, C4, F0, B8, B4, E3, 40, 00, E8, 64, E7, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
812 KB (831,488 bytes)

The file downloadacceleratorsetup.exe has been seen being distributed by the following URL.

http://www.ultimatedownloadaccelerator.com/default/ga/.../?dl=1

Remove downloadacceleratorsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.