» gt_designer3_13_e_x86_2011_eng.exe
Overview
Analysis
File Details
Downloads (1)

gt_designer3_13_e_x86_2011_eng.exe

Zona installer

Destiny Media

The application gt_designer3_13_e_x86_2011_eng.exe by Destiny Media has been detected as a potentially unwanted program by 31 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.torrentino.com.

File name:

Publisher:

Destiny Media (signed and verified)

Product:

Zona installer

Version:

1.0.0.0

MD5:

7d3685892716ca1034597520e67b56f6

SHA-1:

9cf93f61c6fc57df281e983dec4cb6da96803da5

SHA-256:

f46ac75225de772bdaf9bd36c08131ee81062b4e0c365fdfe9e925ffa721c55c

Scanner detections:

31 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 2:34:35 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Bundler.BR

5596626

Agnitum Outpost

PUA.ZvuZona

7.1.1

AhnLab V3 Security

PUP/Win32.Downloader

2015.05.31

Avira AntiVirus

APPL/Bundler.BR

8.3.1.6

AVG

Generic

2016.0.3093

Bitdefender

Application.Bundler.BR

1.0.20.755

Comodo Security

Application.Win32.ZvuZona.A

22287

Dr.Web

riskware program Program.Zona.41

9.0.1.05190

Emsisoft Anti-Malware

Application.Bundler.BR

10.0.0.5366

ESET NOD32

Win32/ZvuZona.A potentially unwanted application

7.0.302.0

Fortinet FortiGate

W32/Generic.AC.2350

5/31/2015

F-Prot

W32/A-5105d86f

v6.4.7.1.166

F-Secure

Riskware.Application.Bundler.BR

5.14.151

G Data

Application.Bundler.BR

15.5.25

IKARUS anti.virus

PUA.ZvuZona

t3scan.1.9.2.0

K7 AntiVirus

Unwanted-Program

13.204.16087

Kaspersky

not-a-virus:Downloader.Win32.AdLoad

15.0.0.543

Malwarebytes

PUP.Optional.Zona

v2015.05.31.08

McAfee

Program.ZvuZona

18.0.204.0

MicroWorld eScan

Application.Bundler.BR

16.0.0.453

NANO AntiVirus

Riskware.Win32.Zona.dmgpjm

0.30.24.1636

Norman

Application.Bundler.BR

03.12.2014 13:20:04

Panda Antivirus

Generic Suspicious

15.05.31.08

Quick Heal

PUA.DestinyMed.DC3

5.15.14.00

Reason Heuristics

PUP.Installer.DestinyMedia

15.5.31.8

Rising Antivirus

PE:PUF.Zona!1.9E06

23.00.65.15529

Total Defense

Win32/Tnega.XXZPfKB

37.1.62.1

Trend Micro House Call

ADW_ZVUZONA_UVPC

7.2.151

Trend Micro

ADW_ZVUZONA_UVPC

10.465.31

Vba32 AntiVirus

Downloader.AdLoad

3.12.26.4

VIPRE Antivirus

Threat.4150696

40552

File size:

227.1 KB (232,528 bytes)

Product version:

1.0.2.6

File type:

Executable application (Win32 EXE)

Language:

Russian

Common path:

C:\users\{user}\downloads\gt_designer3_13_e_x86_2011_eng.exe

Digital Signature

Signed by:

Destiny Media

Authority:

VeriSign, Inc.

Valid from:

6/19/2014 4:00:00 AM

Valid to:

7/19/2016 3:59:59 AM

Subject:

CN=Destiny Media, O=Destiny Media, L=Moscow, S=Moscow, C=RU

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

1C1DB725B804FCDECB65D559B70318AB

File PE Metadata

Compilation timestamp:

8/7/2014 3:15:54 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:9d/oKyhlMI4s9hs9gqt8sHE8Ywe3Mox+pqoSSVeN:9Jhlsnstn+LroSSM

Entry address:

0x99B90

Entry point:

60, BE, 00, 70, 46, 00, 8D, BE, 00, A0, F9, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, EC, 75, 09, 00, 57, 83, C3, 04, 53, 68, 7F, 2B, 03, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Entropy:

7.9259 (probably packed)

Code size:

208 KB (212,992 bytes)

The file gt_designer3_13_e_x86_2011_eng.exe has been seen being distributed by the following URL.

http://www.torrentino.com/torrents/.../download_zona

Remove gt_designer3_13_e_x86_2011_eng.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.