تحت_ضلال_السيوف_downloader.exe

SimpleFiles Installer

Fasters INC

The application تحت_ضلال_السيوف_downloader.exe by Fasters INC has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the SimpleFiles installer. According to AVG, this software downloads additional adware offers during setup.
Publisher:
New Monte Inc  (signed by Fasters INC)

Product:
SimpleFiles Installer

Version:
1, 0, 604, 1

MD5:
1768bbc054b88cb85ceaa6dba0dee43c

SHA-1:
9be3b8f1b1ab73d9e66da35eeaaeda2e4087ad6d

SHA-256:
0ae437401deacde5da4f66d00461a49ab8cb3f8ec596289d75a102dacfab111f

Scanner detections:
17 / 68

Status:
Adware

Description:
Also known as bundleware or downloadware, this is a downloader designed simply to deliver ad-supported offers during the setup routine of otherwise legitimate software.

Analysis date:
4/25/2024 9:30:29 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.586246 | 678 |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| avast! | Win32:Adware-gen [Adw] | 2014.9-150328 |
| AVG | Downloader | 2016.0.3156 |
| Bitdefender | Gen:Variant.Kazy.586246 | 1.0.20.435 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | Virus.Win32.Virut.CE | 21575 |
| Dr.Web | Adware.Downware.10616 | 9.0.1.087 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.586246 | 8.15.03.28.10 |
| ESET NOD32 | Win32/ExpressDownloader.K potentially unwanted application | 9.7.0.302.0 |
| F-Secure | Gen:Variant.Kazy.586246 | 11.2015-28-03_7 |
| G Data | Gen:Variant.Kazy.586246 | 15.3.25 |
| herdProtect (fuzzy) | | 2015.7.3.9 |
| K7 AntiVirus | Adware | 13.202.15414 |
| MicroWorld eScan | Gen:Variant.Kazy.586246 | 16.0.0.261 |
| Reason Heuristics | PUP.Bundler.Fasters | 15.3.28.22 |
| VIPRE Antivirus | Threat.4150696 | 38882 |

File size:
4.1 MB (4,295,408 bytes)

Product version:
1.0.0.1

Copyright:
Copyright http://simple-files.com (C) 2014

Original file name:
SimpleFilesInstaller.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SimpleFiles

Language:
English

Common path:
C:\users\{user}\downloads\تحت_ضلال_السيوف_downloader.exe

Digital Signature
Signed by:

Authority:
Fasters INC

Valid from:
2/9/2015 3:04:04 PM

Valid to:
2/9/2016 3:04:04 PM

Subject:
CN=fasters.com, O=Fasters INC, S=London, C=UK

Issuer:
CN=fasters.com, C=UK, S=London, L=London, E=admin@fasters.com, O=Fasters INC

Serial number:
100001

File PE Metadata
Compilation timestamp:
3/23/2015 4:03:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
98304:B2JIiVeI8MtZt4w7IDtrwNluJPblGZbgtwh/Lox7GIYR1e:cJIo5tn76rwNcVgZbKwhsxyIYve

Entry address:
0x81BF4C

Entry point:
60, 9C, C7, 44, 24, 20, 28, A8, 0E, 1B, E8, 35, ED, FF, FF, 8D, 64, 24, 0C, E8, 9F, 54, CE, FF, 66, F7, D9, 01, 45, E0, E8, 7F, 74, C5, FF, 8D, 64, 24, 10, 0F, 86, 66, 52, C5, FF, 66, 87, F9, 8B, 7A, 24, 8D, 99, B0, 80, 59, 91, 01, C7, 66, FF, CB, 66, 0F, BA, F1, 04, D2, FD, 8B, 5A, 20, E9, 11, C5, FF, FF, E8, AB, E4, C6, FF, 50, 01, 73, F1, A6, 5B, F0, 6B, A5, 7F, 24, 15, F9, 45, C2, 87, BC, 5D, 04, C0, D1, 46, 3D, F4, 97, 6F, A5, 33, 60, 50, BF, EB, 70, 92, 70, 50, 01, 78, E3, 61, 59, A7, 5B, F0, 6C, 8E...
 

Code size:
1000.5 KB (1,024,512 bytes)
