fuzezip-10-32-bits.exe

ISBRInstaller

The application fuzezip-10-32-bits.exe by ISBRInstaller has been detected as adware by 19 anti-malware scanners. It is a setup program that uses the installCore download manager, which may bundle additional offers for various ad-supported toolbars, browser extensions and utilities. It is also typically executed from an Internet Explorer cache folder.
Publisher:
ISBRInstaller  (signed and verified)

MD5:
3331f12af2e2dab2fbc9a3d086c0dd3d

SHA-1:
faa8e2c53823a89e845c83475d079a17bce4de76

SHA-256:
04fddef48e7ab8d2908317bba3404bd7f748aa1ce8619d8942648d9d4757fdac

Scanner detections:
19 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/19/2024 7:46:13 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | PUA.InstallCore | 7.1.1 |
| Avira AntiVirus | APPL/InstallCore.AL | 7.11.113.222 |
| Bkav FE | W32.Clodb0d.Trojan | 1.3.0.4562 |
| Comodo Security | UnclassifiedMalware | 17278 |
| Dr.Web | Trojan.Packed.24524 | 9.0.1.0356 |
| ESET NOD32 | Win32/InstallCore.DO (variant) | 7.9055 |
| Fortinet FortiGate | Riskware/InstallCore | 8/7/2014 |
| F-Prot | W32/InstallCore.R3.gen | v6.4.7.1.166 |
| K7 AntiVirus | Trojan | 13.174.10588 |
| Malwarebytes | | v2013.12.22.09 |
| McAfee | Artemis!C17F09DF234E | 5600.7273 |
| Qihoo 360 Security | HEUR/Malware.QVM20.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.ISBRInstaller.S | 14.8.7.20 |
| Rising Antivirus | PE:Malware.XPACK-LNR/Heur!1.5594 | 23.00.65.14212 |
| SUPERAntiSpyware | | 10891 |
| Trend Micro House Call | TROJ_GEN.F47V1008 | 7.2.356 |
| Vba32 AntiVirus | | 3.12.24.3 |
| VIPRE Antivirus | InstallCore.b | 26030 |

File size:
657.8 KB (673,608 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\fuzezip-10-32-bits.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/16/2013 9:00:00 PM

Valid to:
7/17/2014 8:59:59 PM

Subject:
CN=ISBRInstaller, O=ISBRInstaller, STREET=Ronthschilde 63, L=Tel Aviv, S=Tel Aviv, PostalCode=6527319, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
158EF632B1D9C77CF5AAB6A9367E7FCE

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:TSyMJfsGLCD3jpE3wvIhnpvISQgq4VcD2TmjWeAesdaGrLM4eOXnf2HKLP1:2yMJfsr3jpC5qIZiWeorMSXnfuu

Entry address:
0x98CC

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36 KB (36,864 bytes)
