» hindi.torrents_10924_i25961462_il345.exe.zip
Overview
Analysis
File Details
Downloads (2)

hindi.torrents_10924_i25961462_il345.exe.zip

The file hindi.torrents_10924_i25961462_il345.exe.zip has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from downprov.brown1switch.com and multiple other hosts.

File name:

MD5:

38c5ac1f3b10a4e16790820580298421

SHA-1:

ef939b0ae455612558ed427219d300d674ab6f13

SHA-256:

84ad257954a7f5094570e11233353003d7b7ea303aa31432232b94ad1c631bcd

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/16/2024 11:12:25 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Amonetize (M)

16.8.9.16

File size:

208 Bytes

Common path:

C:\users\{user}\downloads\hindi.torrents_10924_i25961462_il345.exe.zip

The file hindi.torrents_10924_i25961462_il345.exe.zip has been seen being distributed by the following 2 URLs.

http://downprov.brown1switch.com/direct?version=1.1.8.22&campid=10924&instid[appname]=hindi.torrents_Downloader&instid[appsetupurl]=http://go.mysoftwarelive.com/getfast/download.cgi?9&ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144+00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.mysoftwarelive.com/d1/logo150x150.png&prefix=hindi.torrents&instid[thankyoupage]=http://download.mysoftwarelive.com/.../thank_you.php?ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144+00:00&parameter=hindi.torrents&instid[interrupted]=http://download.mysoftwarelive.com/.../interrupted.php?ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144+00:00&parameter=hindi.torrents&ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144 00:00&_dest=files.red-4-small-button.com

http://downprov.brown1switch.com/direct?version=1.1.8.22&campid=10924&instid[appname]=hindi.torrents_Downloader&instid[appsetupurl]=http://go.mysoftwarelive.com/getfast/download.cgi?9&ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144 00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.mysoftwarelive.com/d1/logo150x150.png&prefix=hindi.torrents&instid[thankyoupage]=http://download.mysoftwarelive.com/.../thank_you.php?ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144 00:00&parameter=hindi.torrents&instid[interrupted]=http://download.mysoftwarelive.com/.../interrupted.php?ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144 00:00&parameter=hindi.torrents&ti1=7710000&ti2=1&ti3=DD1_2015-07-01T15:50:19.971144 00:00&_dest=files.red-4-small-button.com

Remove hindi.torrents_10924_i25961462_il345.exe.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.