filedownloaded20successfully_downloader-n7rx25ahe.exe.zip
The file filedownloaded20successfully_downloader-n7rx25ahe.exe.zip has been detected as a potentially unwanted program by 21 anti-malware scanners. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from sub.yorkshatb.com.
File name: filedownloaded20successfully_downloader-n7rx25ahe.exe.zip
MD5: fcba150332a8cc8e32b2bf06e6d1bcd4
SHA-1: 0f4f980a522f32ee83df2bd4007eac2d0ae90e84
SHA-256: 11278442b855bd4281caed7045e8b32330b8abbe4e7bb4db1a672914cdc5c803
Scanner detections: 21 / 68
Status: Potentially unwanted
Explanation: Uses the Somoto 'BetterInstaller' to bundle additional (unwanted) software during install without adequate consent.
Analysis date: 4/19/2024 12:12:08 AM UTC (today)
Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Application.Bundler.Somoto.AH | 5805642
Arcabit | Application.Bundler.Somoto.AH | 1.0.0.425
avast! | NSIS:Adware-ZI [PUP] | 2014.9-150902
Bitdefender | Application.Bundler.Somoto.AH | 1.0.20.1225
Clam AntiVirus | Win.Adware.Somoto | 0.98/20865
Emsisoft Anti-Malware | Application.Bundler.Somoto.AH | 10.0.0.5366
ESET NOD32 | Win32/Somoto.G potentially unwanted application | 7.0.302.0
F-Prot | W32/SomotoBetterInstaller.F. | v6.4.7.1.166
F-Secure | Application.Bundler.Somoto | 11.2015-02-09_4
K7 AntiVirus | Trojan | 13.2017086
Kaspersky | not-a-virus:HEUR:Downloader.NSIS.Somoto | 14.0.0.1488
McAfee | Trojan.Artemis!D620970CF34F | 18.0.204.0
MicroWorld eScan | Application.Bundler.Somoto.AH | 16.0.0.735
NANO AntiVirus | Trojan.Win32.Agent.dtledk | 0.30.24.3283
Panda Antivirus | Trj/CI.A | 15.09.02.11
Qihoo 360 Security | HEUR/QVM42.1.Malware.Gen | 1.0.0.1015
Sophos | Generic PUA CO (PUA) | 4.98
Trend Micro House Call | TROJ_GE.D65EBAC1 | 7.2.245
Trend Micro | TROJ_GE.D65EBAC1 | 10.465.02
VIPRE Antivirus | Trojan.Win32.Generic | 43380
File size: 376.4 KB (385,450 bytes)
Common path: C:\users\{user}\downloads\filedownloaded20successfully_downloader-n7rx25ahe.exe.zip
The file filedownloaded20successfully_downloader-n7rx25ahe.exe.zip has been seen being distributed by the following URL.