home

downloadmanager.exe

Smart

OutBrowse LTD

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application downloadmanager.exe by OutBrowse has been detected as adware by 15 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse) which bundles additional software offers inclduing toolbars, extensions, PC utilities as well as other PUPs.
Publisher:
@  (signed by OutBrowse LTD)

Product:
Smart

Description:
Manages Products

Version:
1.0.0.1

MD5:
7fd9676bda1a39c74696faef495a0473

SHA-1:
0eccd5ac51e4cd217d23666c43d4a01e19b1a306

Scanner detections:
15 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
5/14/2024 6:10:35 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Downloader.Gen
7.11.152.184

AVG
MalSign.Generic
2016.0.3102

Bkav FE
W32.Clode4f.Trojan
1.3.0.4613

Comodo Security
Application.Win32.Agent.~BRO
17511

Dr.Web
Adware.Downware.1336
9.0.1.0142

ESET NOD32
Win32/OutBrowse
9.9190

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
14.0.0.2005

Malwarebytes
PUP.Optional.Smart
v2015.05.22.02

McAfee
Artemis!94146BB92788
5600.6758

NANO AntiVirus
Trojan.Win32.OutBrowse.crupsg
0.28.0.57029

Reason Heuristics
PUP.Outbrowse.Bundler
15.5.21.22

Sophos
OutBrowse Revenyou
4.98

Trend Micro House Call
TROJ_GEN.F47V1010
7.2.142

Vba32 AntiVirus
Downloader.OutBrowse
3.12.24.3

XVirus List
Win.Detected
2.3.31

File size:
1.3 MB (1,366,439 bytes)

Product version:
1.0.0.1

Copyright:
(c). All rights reserved.

Original file name:
Smart.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\downloadmanager.exe

Digital Signature
Signed by:
OutBrowse LTD

Authority:
Symantec Corporation

Valid from:
2/26/2013 12:00:00 AM

Valid to:
2/26/2014 11:59:59 PM

Subject:
CN=OutBrowse LTD, O=OutBrowse LTD, L=Ramat Gan, S=Ramat Gan, C=IL, SERIALNUMBER=514686914, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
06C1C2AE3E180ADDA27BBF2BD8EAC0E7

File PE Metadata
Compilation timestamp:
5/24/2013 11:59:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:lsh2hj73HNceVpyWjtBZ+6PgTtB1+eSHH1oPEoT4WlHaX2+KpBjl4:FjzlVpRrEtSeqHaPzT4WpaXpKpli

Entry address:
0xD37DD

Entry point:
BB, 66, 64, 29, 56, 93, E9, 20, 01, 00, 00, 17, BD, 20, 1C, C8, 4C, 20, 1C, D8, 16, B2, A0, A0, 20, A0, A0, 1C, A0, A0, A0, FF, D1, D6, D1, D0, D1, D9, D7, D6, A0, A0, A0, 14, 01, 1A, 05, 02, 01, 0D, 01, CE, 04, 0C, 0C, A0, A0, A0, A0, FC, A0, A0, A0, E6, 12, 05, 05, EC, 09, 02, 12, 01, 12, 19, A0, E3, 12, 05, 01, 14, 05, E4, 09, 12, 05, 03, 14, 0F, 12, 19, E1, A0, A0, A0, A0, E7, 05, 14, F7, 09, 0E, 04, 0F, 17, 13, E4, 09, 12, 05, 03, 14, 0F, 12, 19, E1, A0, A0, A0, A0, E7, 05, 14, ED, 0F, 04, 15, 0C, 05...
 
[+]

Code size:
937.5 KB (960,000 bytes)

Remove downloadmanager.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.