facebook password finder 2014.exe

task

Alexey Kurilenko

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application facebook password finder 2014.exe by Alexey Kurilenko has been detected as adware by 21 anti-malware scanners. It is a setup program used to install the application. It uses WebPick's InstalleRex download manager and installer to bundle potentially unwanted ad-supported software, including toolbars and browser extensions, through a pay-per-install monetization scheme.
Publisher:
or  (signed by Alexey Kurilenko)

Product:
task

Version:
1.0.0.0

MD5:
1ba47f01dcf0e25e3a3aac527cba60b3

SHA-1:
7b80d42c224f42e1afb3ab94e76b533f7543d96b

SHA-256:
e3d307f6f4971422215eff7c507abade625ccbfa2415b2d513a60dccc005c18a

Scanner detections:
21 / 68

Status:
Adware

Explanation:
Uses the InstalleRex from WebPick Internet Holdings to install bundled add-ons including toolbars and other web browser extensions.

Analysis date:
4/25/2024 4:04:26 PM UTC

Scan engine             Detection                               Engine version
Lavasoft Ad-Aware       Gen:Variant.Adware.Graftor.145817       935
Avira AntiVirus         ADWARE/Adware.Gen7                      7.11.160.182
avast!                  Win32:InstalleRex-CH [PUP]              140617-1
AVG                     Adware Generic5.BABS                    2014.0.3986
Bitdefender             Gen:Variant.Adware.Graftor.145817       1.0.20.975
Comodo Security         Application.Win32.Multiplug.GETF        18852
Dr.Web                  Adware.Downware.5860                    9.0.1.05190
Emsisoft Anti-Malware   Gen:Variant.Adware.Graftor.145817       8.14.07.14.04
ESET NOD32              Win32/AdWare.MultiPlug.AJ application   7.0.302.0
F-Secure                Gen:Variant.Adware.Graftor.145817       11.2014-14-07_2
G Data                  Gen:Variant.Adware.Graftor.145817       14.7.24
K7 AntiVirus            Adware                                  13.180.12719
Malwarebytes            PUP.Optional.Preload                    v2014.07.14.04
McAfee                  PUP-FIC                                 5600.7069
MicroWorld eScan        Gen:Variant.Adware.Graftor.145817       15.0.0.585
NANO AntiVirus          Riskware.Win32.MultiPlug.dcfpce         0.28.0.60698
Panda Antivirus         PUP/TSUploader                          14.07.14.04
Reason Heuristics       PUP.AlexeyKurilenko.DD                  14.7.14.16
Rising Antivirus        PE:PUF.Graftor!1.9C49                   23.00.65.14712
Sophos                  MultiPlug                               4.98
VIPRE Antivirus         Threat.4150696                          31208

File size:
785.9 KB (804,752 bytes)

Product version:
1.0.0.0

Copyright:
Copyright (c) 2014

Original file name:
even applications to fix

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\facebook password finder 2014.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
6/17/2014 7:20:17 AM

Valid to:
6/17/2015 7:20:17 AM

Subject:
E=Alexey.kurilenko@hotmail.com, CN=Alexey Kurilenko, O=Alexey Kurilenko, C=RU

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
15D51642691B3EE20985639A8FE865DD

File PE Metadata
Compilation timestamp:
7/13/2014 1:02:27 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:SyOYOclubvQ6Ry255uRqmZJGHlbedF1L4cFqTYTaLxWjT3bANawzgs4xUY27yNp:xtOpQ6Ry255uhZsFbeD1L4cBd3sKo7yz

Entry address:
0x1663E

Entry point:
E8, 6B, 75, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F8, CD, 42, 00, E8, 3C, 27, 00, 00, E8, BC, 0E, 00, 00, 0F, B7, F0, 6A, 02, E8, FE, 74, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, A0, 3A, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...

Entropy:
7.6896

Code size:
141.5 KB (144,896 bytes)

The file facebook password finder 2014.exe has been seen being distributed by the following URL.