» downloadssd.exe
Overview
Analysis
File Details
Downloads (1)

downloadssd.exe

Safe and Sound Downloader

Install Manager

This adware bundler is distributed through Adknowledge's advertising supported software managers. The application downloadssd.exe, “Safe and Sound Downloader ” by Install Manager has been detected as adware by 23 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from dl.xdisc.biz.

File name:

downloadssd.exe

Publisher:

Install Manager (signed by Install Manager)

Product:

Safe and Sound Downloader

Description:

Safe and Sound Downloader

Version:

2.0.70.0

MD5:

e11fadfbffbb12b6d727e8ef579f2bae

SHA-1:

0ec9b6d08f132ab7042b1293a7c5bed9cd9704b8

SHA-256:

b029b5aa1390f8212c06089b4c15bd9cd951c5654a4f2a6dbcbd90fb69e09b8e

Scanner detections:

23 / 68

Status:

Adware

Explanation:

This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

5/15/2024 5:45:39 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.Graftor.155900

854

AegisLab AV Signature

AdWare.W32.AirAdInstaller

2.1.4+

Agnitum Outpost

PUA.AirAd

7.1.1

AhnLab V3 Security

PUP/Win32.Installer

2014.10.04

Avira AntiVirus

ADWARE/Adware.Gen

7.11.176.130

AVG

Generic

2015.0.3332

Bitdefender

Gen:Variant.Application.Bundler.Graftor.155900

1.0.20.1380

Clam AntiVirus

Win.Trojan.Application-574

0.98/19476

Dr.Web

Trojan.SMSSend.5417

9.0.1.05190

ESET NOD32

Win32/AirAdInstaller.A potentially unwanted application

7.0.302.0

F-Prot

W32/A-ad198980

v6.4.7.1.166

F-Secure

Gen:Variant.Application.Bundler

11.2014-03-10_6

G Data

Gen:Variant.Application.Bundler.Graftor.155900

14.10.24

IKARUS anti.virus

PUA.AirAdInstaller

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.183.13550

Malwarebytes

PUP.Optional.AirInstaller

v2014.10.03.03

MicroWorld eScan

Gen:Variant.Application.Bundler.Graftor.155900

15.0.0.828

NANO AntiVirus

Trojan.Win32.SMSSend.devyzq

0.28.2.62440

Reason Heuristics

PUP.Installer.InstallManager.L

14.10.3.14

Rising Antivirus

PE:PUF.Airinstall!1.9C4C

23.00.65.141001

Sophos

AirInstaller

4.98

Vba32 AntiVirus

AdWare.AirAdInstaller

3.12.26.3

VIPRE Antivirus

Threat.4665102

33624

File size:

908.4 KB (930,216 bytes)

Product version:

2.0.70.0

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Adknowledge Fusion

Language:

English (United States)

Common path:

C:\users\{user}\downloads\downloadssd.exe

Digital Signature

Signed by:

Install Manager

Authority:

DigiCert Inc

Valid from:

8/7/2013 4:00:00 AM

Valid to:

8/11/2015 4:00:00 PM

Subject:

CN=Install Manager, O=Install Manager, L=Victoria, S=British Columbia, C=CA

Issuer:

CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

06C0BBB90999729C33560EC18A203261

File PE Metadata

Compilation timestamp:

9/3/2014 11:51:45 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:lf0yGan8aHw5JY4/hwjoRzwIbn7h9evqQMoXWtp:lf0yGcw5JZeoJwEn7KMoXWt

Entry address:

0x2A0700

Entry point:

60, BE, 00, E0, 5C, 00, 8D, BE, 00, 30, E3, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Packer / compiler:

UPX 2.90LZMA

Code size:

844 KB (864,256 bytes)

The file downloadssd.exe has been seen being distributed by the following URL.

http://dl.xdisc.biz/get/click/.../?sid=74209&filename=downloadssd

Remove downloadssd.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.