herdprotect.exe

CONDESTIL DEVELOPMENTS S.L.

Warning, this is an illegal version of herdProtect (repackaged and distributed without Reason Software Company's permission) by a company (CONDESTIL DEVELOPMENTS S.L.) that bundles adware. Please make sure that you uninstall this version and download a legitimate copy from our site.
This belongs to a Solimba product that may be bundled with additional PUPs or may be part of an ad-supported software program. The application herdprotect.exe by CONDESTIL DEVELOPMENTS S.L. has been detected as adware by 14 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. It uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
CONDESTIL DEVELOPMENTS S.L.  (signed and verified)

MD5:
ef2172754cbb3c5ba9477f63929acc7d

SHA-1:
1e52b0a37c9a318867d171f33e22c66201295965

SHA-256:
823aeb4add07171450567679d8837f4d5596658c9a064f2278ba526b7650c42f

Scanner detections:
14 / 68

Status:
Adware

Explanation:
Uses the Solimba installer to bundle adware offers.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/26/2024 9:53:45 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Application.Kazy.525798 | 541 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Dr.Web | Adware.Downware.10857, Trojan.DownLoader13.20536 | 9.0.1.0142 |
| Emsisoft Anti-Malware | Gen:Variant.Application.Kazy.525798 | 8.15.05.22.02 |
| F-Secure | Riskware.Gen:Variant.Application.Kazy | 11.2015-22-05_6 |
| K7 AntiVirus | Riskware | 13.204.16089 |
| Kaspersky | not-a-virus:Downloader.Win32.Morstar | 14.0.0.2002 |
| Malwarebytes | PUP.Optional.Solimba | v2015.05.22.02 |
| MicroWorld eScan | Gen:Variant.Application.Kazy.525798 | 16.0.0.672 |
| Norman | Gen:Variant.Application.Kazy.525798 | 11.20150812 |
| Reason Heuristics | Threat.CONDESTILDEVELOPMENTS | 15.5.15.14 |
| Sophos | PUA 'Solimba Installer' | 5.14 |
| VIPRE Antivirus | Threat.4150696 | 40552 |

File size:
611.6 KB (626,288 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Solimba DownloadMR

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\herdprotect.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
3/9/2015 1:35:45 PM

Valid to:
3/8/2017 1:35:45 PM

Subject:
E=support@condestil.com, CN=CONDESTIL DEVELOPMENTS S.L., O=CONDESTIL DEVELOPMENTS S.L., C=ES

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
5BCC510B694F044236905FE5E5A73FD4

File PE Metadata
Compilation timestamp:
5/14/2015 10:17:37 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:NH618Rdi6X8Io07EERaf4PkhEMbStUh7MOxi/r+EXt0vA+Y+O:W8Rd1aOkeMbStUh7Q3qvA+Y+O

Entry address:
0x10F3C

Entry point:
E8, 87, 96, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 30, CC, 42, 00, E8, 4E, 57, 00, 00, E8, 2C, 1D, 00, 00, 0F, B7, F0, 6A, 02, E8, 1A, 96, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 44, 4D, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Code size:
139 KB (142,336 bytes)
