gta extreme indonesia full mod v6 terbaru__6629_i1711093775_il8105.exe

LLC

The application gta extreme indonesia full mod v6 terbaru__6629_i1711093775_il8105.exe by LLC has been detected as adware by 19 anti-malware scanners. This is a setup program used to install the application. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from mymediadownloadseighteen.com.
Publisher:
LLC   (signed and verified)

MD5:
ca9fad7adaf57ff1854f792880e83a5a

SHA-1:
09e5b1c4b99aac67d653e62327c557cf240252e9

SHA-256:
b6ef183e15d5a77961adbdedf5b39a44f0c1244bb32f299691cf8d6dffe91e16

Scanner detections:
19 / 68

Status:
Adware

Analysis date:
5/17/2025 2:46:48 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | PUP/Win32.Generic | 2015.10.16 |
| Avira AntiVirus | ADWARE/Amonetize.Gen7 | 8.3.2.2 |
| AVG | Generic | 2016.0.2954 |
| Baidu Antivirus | Hacktool.Win32.Agent | 4.0.3.151016 |
| ESET NOD32 | Win32/Amonetize.KI potentially unwanted (variant) | 9.12418 |
| K7 AntiVirus | Unwanted-Program | 13.211.17557 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.1267 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.10.16.01 |
| NANO AntiVirus | Trojan.Win32.Agent.dxmgor | 0.30.26.3947 |
| Panda Antivirus | Generic Suspicious | 15.10.16.01 |
| Reason Heuristics | PUP.Amonitize (M) | 15.10.16.13 |
| Rising Antivirus | PE:Malware.RDM.15!5.15[F1] | 23.00.65.151014 |
| Vba32 AntiVirus | Signed-Downware.Amonetize | 3.12.26.4 |
| VIPRE Antivirus | Amonetize | 44576 |

File size:
1 MB (1,092,768 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\gta extreme indonesia full mod v6 terbaru__6629_i1711093775_il8105.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/11/2015 7:00:00 AM

Valid to:
7/11/2016 6:59:59 AM

Subject:
CN="LLC ""DEKA-SOFT""", O="LLC ""DEKA-SOFT""", STREET="str. Uralska, 8", L=Kamyanets-Podilskyy, S=Khmelnytska, PostalCode=32300, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009E72DC1CAE0AC1C46FB0692B93F1002C

File PE Metadata
Compilation timestamp:
10/16/2015 4:33:47 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:6+S+vPKQaDtX9lS+p6YZJSN3tqZEjZu8VMSiiKq:G+vYDtXzTogI3tqudYq

Entry address:
0xB598

Entry point:
E8, 58, 40, 00, 00, E9, A1, FD, FF, FF, FF, 35, A8, 21, 43, 00, FF, 15, 5C, 50, 42, 00, C3, FF, 35, A8, 21, 43, 00, FF, 15, 5C, 50, 42, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 54, 2E, 00, 00, 6A, 01, 6A, 00, E8, FD, 46, 00, 00, 83, C4, 0C, E9, 14, 47, 00, 00, 55, 8B, EC, 56, FF, 35, A8, 21, 43, 00, FF, 15, 5C, 50, 42, 00, FF, 75, 08, 8B, F0, FF, 15, 58, 50, 42, 00, A3, A8, 21, 43, 00, 8B, C6, 5E, 5D, C3, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00...

Entropy:
7.7482  (probably packed)

Code size:
141.5 KB (144,896 bytes)

The file gta extreme indonesia full mod v6 terbaru__6629_i1711093775_il8105.exe has been seen being distributed by the following URL.