dragon city hack.exe

TrUsted APpS ddd

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application dragon city hack.exe by TrUsted APpS ddd has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. According to AVG, this software downloads additional adware offers during setup.
Publisher:
KJQXF  (signed by TrUsted APpS ddd)

Product:
KJQXF

Version:
6582.15530.1336.1042

MD5:
7acf8dde66f2f4000dd94c2ec336ab82

SHA-1:
f84685ff6e0b68a32f8009144835d42fac7ef7b1

SHA-256:
8d4656499be9a35de235d4d8828958d1fab91075a9250fbfb9316572cc72d057

Scanner detections:
24 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware, or downloadware, which is a downloader designed to simply deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
5/12/2024 5:42:41 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Dropped:Trojan.Generic.14634117 | 5778184 |
| Agnitum Outpost | PUA.OutBrowse | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.OutBrowse | 2015.06.15 |
| Arcabit | Trojan.Generic.DDF4C85 | 1.0.0.425 |
| avast! | Malware-gen | 150602-1 |
| AVG | Downloader | 2016.0.3078 |
| Bitdefender | Dropped:Trojan.Generic.14634117 | 1.0.20.825 |
| Dr.Web | Trojan.OutBrowse.790 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Dropped:Trojan.Generic.14634117 | 10.0.0.5366 |
| ESET NOD32 | Win32/OutBrowse.CE potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/OutBrowse | 6/14/2015 |
| F-Secure | Dropped:Trojan.Generic.14634117 | 5.14.151 |
| G Data | Dropped:Trojan.Generic.14634117 | 15.6.25 |
| IKARUS anti.virus | PUA.OutBrowse | t3scan.1.9.5.0 |
| K7 AntiVirus | Unwanted-Program | 13.205.16237 |
| McAfee | Program.Adware-OutBrowse.g | 17.6.569.0 |
| MicroWorld eScan | Dropped:Trojan.Generic.14634117 | 16.0.0.495 |
| NANO AntiVirus | Trojan.Win32.OutBrowse.dsioss | 0.30.24.2086 |
| Norman | Dropped:Trojan.Generic.14634117 | 02.06.2015 14:23:46 |
| Quick Heal | PUA.OutBrowse.A | 6.15.14.00 |
| Reason Heuristics | PUP.Outbrowse.Bundler | 15.6.14.18 |
| Trend Micro House Call | TROJ_GE.F3C7BDB7 | 7.2.165 |
| Trend Micro | TROJ_GE.F3C7BDB7 | 10.465.14 |
| VIPRE Antivirus | Threat.4150696 | 40786 |

File size:
744.2 KB (762,064 bytes)

Product version:
6582.15530.1336.1042

Copyright:
KJQXF

Trademarks:
KJQXF

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\dragon city hack.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
5/28/2015 3:00:00 AM

Valid to:
1/28/2016 1:59:59 AM

Subject:
CN=TrUsted APpS ddd, O=TrUsted APpS ddd, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
2B1D177ADFDCE1D3164D7E7BBDE3E63E

File PE Metadata
Compilation timestamp:
12/6/2009 12:52:12 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:61+tENXbgy+VybjqrDzfCMhcScIiklUxeJyM20g97FupWVkJfmQaRfc8vy4h:61+i5l+qqfzaMKScIVk0G0Q7FupWVkJp

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 1C, 45, 00, E8, F1, 2B, 00, 00, A3, 64, 1B, 45, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 37, 43, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, DB, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, A0, 47, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9839

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)
