home

downloader_10924_i62709058_il345.exe

TeamViewer

A4 TOV

The application downloader_10924_i62709058_il345.exe by A4 TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
TeamViewer GmbH  (signed by A4 TOV)

Product:
TeamViewer

Description:
TeamViewer 10

Version:
10.0.45862.0

MD5:
9600034e3a294e08596aab91653d7da8

SHA-1:
2dfb7f9795d10092d11bfea01a04818f634f6a4e

SHA-256:
81a1248b719b8b646627f5aba5e3d8086f3e505b85eef5058e68aabac365deac

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/13/2024 7:00:00 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonetize (M)
17.2.28.3

File size:
2.1 MB (2,212,832 bytes)

Product version:
10.0

Copyright:
TeamViewer GmbH

Trademarks:
TeamViewer

Original file name:
TeamViewer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\downloader_10924_i62709058_il345.exe

Digital Signature
Signed by:
A4 TOV

Authority:
COMODO CA Limited

Valid from:
9/16/2015 8:00:00 PM

Valid to:
9/16/2016 7:59:59 PM

Subject:
CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata
Compilation timestamp:
9/22/2015 6:32:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x44100B

Entry point:
68, 23, 57, 15, 91, E8, 2D, 11, E4, FF, 00, 00, 00, 47, 65, 74, 4C, 6F, 63, 61, 6C, 65, 49, 6E, 66, 6F, 57, 00, 00, 00, 00, 4C, 65, 61, 76, 65, 43, 72, 69, 74, 69, 63, 61, 6C, 53, 65, 63, 74, 69, 6F, 6E, 00, 00, 00, 00, 43, 72, 79, 70, 74, 44, 65, 73, 74, 72, 6F, 79, 4B, 65, 79, 00, 00, 00, 53, 65, 74, 46, 69, 6C, 65, 50, 6F, 69, 6E, 74, 65, 72, 00, 00, 00, 00, 52, 65, 67, 69, 73, 74, 65, 72, 43, 6C, 61, 73, 73, 45, 78, 57, 00, 51, 2E, 64, 6F, 53, 3A, 20, A4, 90, B9, 55, 4B, 64, 6F, 1F, F1, FB, 9A, 90, 39...
 
[+]

Code size:
2.1 MB (2,166,272 bytes)

Remove downloader_10924_i62709058_il345.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.