» how to mastrbate for a beginner girl steps__10924_i1536629906_il1620723.exe
Overview
Analysis
File Details
Network (3)

how to mastrbate for a beginner girl steps__10924_i1536629906_il1620723.exe

LLC DE PROEKT

This is the Amonetize download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application how to mastrbate for a beginner girl steps__10924_i1536629906_il1620723.exe by LLC DE PROEKT has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

LLC DE PROEKT (signed and verified)

Version:

1.1.8.22

MD5:

26e1f3958a884b0a17dfd9c5f4d46eac

SHA-1:

e3a5e688a437b92fe450fed3a72b28592ce6cbf0

SHA-256:

d64b0948f43e0f99066d1b61ed7300ed6c51de445145cd7eca6b1e308d6e5aee

Scanner detections:

22 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/16/2024 6:55:04 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Bundler.Amonetize.BA

5758502

Agnitum Outpost

PUA.Amonetize

7.1.1

AhnLab V3 Security

PUP/Win32.Amonetize

2015.06.18

Arcabit

Application.Bundler.Amonetize.BA

1.0.0.425

avast!

Win32:PUP-gen [PUP]

2014.9-150617

AVG

BundleApp

2016.0.3075

Bitdefender

Application.Bundler.Amonetize.BA

1.0.20.840

Dr.Web

Trojan.Amonetize.3647

9.0.1.05190

Emsisoft Anti-Malware

Application.Bundler.Amonetize.BA

10.0.0.5366

ESET NOD32

Win32/Amonetize.FC potentially unwanted application

7.0.302.0

Fortinet FortiGate

Adware/Amonetize

6/17/2015

F-Secure

Riskware.Application.Bundler.Amonetize

5.14.151

G Data

Application.Bundler.Amonetize.BA

15.6.25

Kaspersky

not-a-virus:AdWare.Win32.Amonetize

15.0.0.543

Malwarebytes

PUP.Optional.Bundle

v2015.06.17.03

MicroWorld eScan

Application.Bundler.Amonetize.BA

16.0.0.504

NANO AntiVirus

Riskware.Win32.Amonetize.dsucco

0.30.24.2086

Norman

Application.Bundler.Amonetize.BA

02.06.2015 14:23:46

Panda Antivirus

Trj/Genetic.gen

15.06.17.03

Reason Heuristics

Threat.Win.Reputation.IMP

15.6.17.11

VIPRE Antivirus

Threat.4150696

40830

Zillya! Antivirus

Adware.Amonetize.Win32.4105

2.0.0.2230

File size:

622.5 KB (637,456 bytes)

Product version:

1.1.8.22

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Amonetize Downloader

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\how to mastrbate for a beginner girl steps__10924_i1536629906_il1620723.exe

Digital Signature

Signed by:

LLC DE PROEKT

Authority:

COMODO CA Limited

Valid from:

5/6/2015 1:00:00 AM

Valid to:

5/6/2016 12:59:59 AM

Subject:

CN=LLC DE PROEKT, O=LLC DE PROEKT, STREET="str. Petropavlovska, 3", L=Simferopol, S=AR Krym, PostalCode=95000, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2D675A924C3DAB51C8060B92453C4912

File PE Metadata

Compilation timestamp:

6/12/2015 8:26:41 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:356qooX3agwI0fMvv6AJb/+vL5kJ1m353/4Y51MKjAGG0JNmu1facYlz:rRXN6Kb/+21m3dv5OKDGwpYl

Entry address:

0xB852

Entry point:

E8, 7B, 2B, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 77, 6F, 53, 57, A1, 08, BA, 37, 00, 85, C0, 75, 1D, E8, 76, 15, 00, 00, 6A, 1E, E8, CC, 15, 00, 00, 68, FF, 00, 00, 00, E8, 1E, 18, 00, 00, A1, 08, BA, 37, 00, 59, 59, 85, F6, 74, 04, 8B, CE, EB, 03, 33, C9, 41, 51, 6A, 00, 50, FF, 15, 78, 30, 37, 00, 8B, F8, 85, FF, 75, 26, 6A, 0C, 5B, 39, 05, 20, BD, 37, 00, 74, 0D, 56, E8, 62, 02, 00, 00, 59, 85, C0, 75, A9, EB, 07, E8, 77, 1F, 00, 00, 89, 18, E8, 70, 1F, 00, 00, 89, 18, 8B... 
[+]

Entropy:

7.6595

Code size:

72 KB (73,728 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to server-54-192-55-154.jfk6.r.cloudfront.net (54.192.55.154:80)

TCP (HTTP):

Connects to server-54-192-54-75.jfk6.r.cloudfront.net (54.192.54.75:80)

TCP (HTTP):

Connects to ec2-54-225-244-105.compute-1.amazonaws.com (54.225.244.105:80)

Remove how to mastrbate for a beginner girl steps__10924_i1536629906_il1620723.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.