» facerigvblb__15022_i1607774272_il2022681.exe.rar
Overview
Analysis
File Details
Downloads (1)

facerigvblb__15022_i1607774272_il2022681.exe.rar

The file facerigvblb__15022_i1607774272_il2022681.exe.rar has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from a.kat.cr.

File name:

MD5:

da39706353dbe1c4fc3511e6b54a8b22

SHA-1:

2793fc8e41c7242139f8d1f5fb2bcdf436b52f84

SHA-256:

00202a75f67328d393db9c6b51bf78d04ed8a4e17024203479b0e2ba749acb58

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/16/2024 9:29:13 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Amonetize (M)

16.7.29.3

File size:

674.6 KB (690,807 bytes)

Common path:

C:\users\{user}\downloads\facerigvblb__15022_i1607774272_il2022681.exe.rar

The file facerigvblb__15022_i1607774272_il2022681.exe.rar has been seen being distributed by the following URL.

https://a.kat.cr/callback/.../?name=FaceRig.v0.69b-LB&link=magnet:?xt=urn:btih:75B36F0D4CCABC6E36AAC999AACF4486A69A13D3&dn=facerig+v0+69b+lb&tr=udp%3A%2F%2Fopen.demonii.com%3A1337%2Fannounce&uuid=61ee6838-3301-4d1a-4b34-9d8e9bb44ab0&account=_b894d6cb1e370fb9ad89f8d6d99eeb33

Remove facerigvblb__15022_i1607774272_il2022681.exe.rar - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.