home

flv_installer.exe

Square Network Tech Co.,LTD.

The application flv_installer.exe by Square Network Tech Co.,LTD has been detected as adware by 23 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Square Network Tech Co.,LTD.  (signed and verified)

MD5:
40dd50092bbcb3b33b1620c083298e47

SHA-1:
d3455b769b8d35c12992db785db09bbba47368a0

SHA-256:
c7d48726c9b624295fef79b8ac02381a1f8d116fb714365a3add7c2e231f9642

Scanner detections:
23 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/26/2024 4:15:35 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Bundler.E
922

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
PUP/Win32.DomaIQ
2014.07.29

Avira AntiVirus
APPL/SquareNet.AO
7.11.164.82

avast!
Win32:Malware-gen
140617-1

AVG
Adware BundleApp_r.N
2014.0.3986

Bitdefender
Application.Bundler.E
1.0.20.1040

Clam AntiVirus
Win.Trojan.Bundler
0.98/19168

Dr.Web
Adware.Downware.4148
9.0.1.05190

ESET NOD32
Win32/SquareNet.A potentially unwanted application
7.0.302.0

F-Secure
Application.Bundler.E
11.2014-27-07_1

G Data
Application.Bundler
14.7.24

IKARUS anti.virus
PUA.Bundler
t3scan.1.6.1.0

K7 AntiVirus
Trojan
13.181.12846

Malwarebytes
PUP.Optional.MultiPlug.A
v2014.07.27.10

McAfee
PUP-FAU
5600.7056

MicroWorld eScan
Application.Bundler.E
15.0.0.624

Panda Antivirus
Trj/Genetic.gen
14.07.27.10

Qihoo 360 Security
Malware.QVM06.Gen
1.0.0.1015

Reason Heuristics
PUP.SquareNetworkTechCoLTD.N
14.7.31.23

Sophos
Square Network Installer
4.98

SUPERAntiSpyware
Heur.Agent/Gen-FakeChrome
10457

VIPRE Antivirus
Threat.4150696
31208

File size:
942.1 KB (964,672 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Amonetize Downloader

Common path:
C:\users\{user}\downloads\flv_installer.exe

Digital Signature
Signed by:
Square Network Tech Co.,LTD.

Authority:
VeriSign, Inc.

Valid from:
12/30/2013 7:00:00 PM

Valid to:
12/31/2014 6:59:59 PM

Subject:
CN="Square Network Tech Co.,LTD.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Square Network Tech Co.,LTD.", L=Zhongshan, S=Guangdong, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
08F1CEE1EA15CE4F4CA29FDEBE3DACA3

File PE Metadata
Compilation timestamp:
5/9/2014 8:09:01 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:omujC/7jg4fqgQ53Q1fsIXfYxMCJSuOIKe/z:omuj2rQ5kfsIPfKjK2z

Entry address:
0x5F7CC

Entry point:
E8, 24, C9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 53, 8B, 5D, 10, 85, DB, 75, 07, 33, C0, E9, 9A, 00, 00, 00, 57, 83, FB, 04, 72, 75, 8D, 7B, FC, 85, FF, 76, 6E, 8B, 4D, 0C, 8B, 45, 08, 8A, 10, 83, C0, 04, 83, C1, 04, 84, D2, 74, 52, 3A, 51, FC, 75, 4D, 8A, 50, FD, 84, D2, 74, 3C, 3A, 51, FD, 75, 37, 8A, 50, FE, 84, D2, 74, 26, 3A, 51, FE, 75, 21, 8A, 50, FF, 84, D2, 74, 10, 3A, 51, FF, 75, 0B, 83, 45, FC, 04, 39, 7D, FC, 72, C2, EB, 3F, 0F, B6, 40, FF, 0F, B6, 49, FF, EB, 46...
 
[+]

Entropy:
6.6426

Code size:
484 KB (495,616 bytes)

Remove flv_installer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.