downloadmanager.exe

Smart

OutBrowse LTD

Part of the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application downloadmanager.exe by OutBrowse has been detected as adware by 19 anti-malware scanners. The setup routine uses the RevenYou.Com Pay Per Install platform (OutBrowse), which bundles additional software offers including toolbars, extensions, PC utilities, and other PUPs. It is also typically executed from the user's temporary directory.
Publisher:
@  (signed by OutBrowse LTD)

Product:
Smart

Description:
Manages Products

Version:
1.0.0.1

MD5:
02163858c57e44e1fdafe0864482b1a5

SHA-1:
2204828640930f7147e0e6240252fbb58e0a72a3

SHA-256:
a0010262f553cef3eef6036c38f150ddfc1372bdbef646dcb93ef8aba579b0f2

Scanner detections:
19 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
4/26/2024 7:39:26 PM UTC

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.OutBrowse
2014.11.24

Avira AntiVirus
APPL/Downloader.Gen
7.11.152.184

AVG
Generic
2017.0.2839

Bkav FE
W32.Clode4f.Trojan
1.3.0.4613

Clam AntiVirus
Win.Adware.OutBrowse-4
0.98/21511

Comodo Security
Application.Win32.OutBrowse.D
20181

Dr.Web
Adware.Downware.1336
9.0.1.039

ESET NOD32
Win32/OutBrowse (variant)
10.10771

G Data
Win32.Application.OutBrowse
16.2.24

K7 AntiVirus
Trojan
13.185.14113

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
14.0.0.692

Malwarebytes
PUP.Optional.Smart
v2016.02.08.12

McAfee
Artemis!CFFF57D442EE
5600.6495

NANO AntiVirus
Trojan.Win32.OutBrowse.dflxvq
0.28.6.63474

Reason Heuristics
PUP.Outbrowse (M)
16.2.8.12

Sophos
OutBrowse Revenyou
4.98

Trend Micro House Call
Suspicious_GEN.F47V1110
7.2.39

Vba32 AntiVirus
Downloader.OutBrowse
3.12.24.3

XVirus List
Win.Detected
2.3.31

File size:
1.2 MB (1,211,960 bytes)

Product version:
1.0.0.1

Copyright:
(c). All rights reserved.

Original file name:
Smart.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\downloadmanager.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
2/26/2013 5:30:00 AM

Valid to:
2/27/2014 5:29:59 AM

Subject:
CN=OutBrowse LTD, O=OutBrowse LTD, L=Ramat Gan, S=Ramat Gan, C=IL, SERIALNUMBER=514686914, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
06C1C2AE3E180ADDA27BBF2BD8EAC0E7

File PE Metadata
Compilation timestamp:
5/29/2013 5:14:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:+5926Df4P9d1/ey0Q8tQw59eQ4zyiabULGyIQjAI4ypqu:ADwv1FcX4zHuwGxQsI4ypqu

Entry address:
0xD3E5D

Entry point:
E8, EE, 9C, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, 6C, AF, 50, 00, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, CA, A4, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, BA, A4, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, 19, 01, 00, 00, 8B, 4D, 10, 8D, 55, E8, 89, 53, FC, 8B, 5B, 0C, 89, 45, E8, 89, 4D, EC, 83, FB, FE, 74, 5F...
 

Entropy:
6.3209

Code size:
939.5 KB (962,048 bytes)
