» I Want This.exe
Overview
Analysis
File Details

I Want This.exe

I Want This

215 Apps

This is part of a distribution package that is classified as adware distributed by 50onRed. This adware is used to interact with the installed web browsers and inject ads and modify the default search and homepages. The application I Want This.exe by 215 Apps has been detected as adware by 30 anti-malware scanners. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

I Want This.exe

Publisher:

215 Apps (signed and verified)

Product:

I Want This

Description:

I Want This exe

Version:

1.1.149.43

MD5:

b7d8f51da537aa081eb20d09328fd7a7

SHA-1:

cd66ae312bf20732a83e1c8b9a4529a8d30b09f7

SHA-256:

dfd384f60e563f292c0f5a6c7dde97e924eaa7168422586a8acbaf14f7260715

Scanner detections:

30 / 68

Status:

Adware

Explanation:

Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:

4/25/2024 12:31:36 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Kazy.374109

366

Agnitum Outpost

PUA.Toolbar.CrossRider

7.1.1

Avira AntiVirus

TR/Drop.Softomat.AN

7.11.30.172

avast!

Win32:Crossrider-AI [PUP]

2014.9-160203

AVG

SmartShopper.K

2017.0.2844

Baidu Antivirus

Trojan.Win32.Toolbar.CrossRider

4.0.3.1623

Bitdefender

Gen:Variant.Adware.Kazy.374109

1.0.20.170

Bkav FE

W32.Clodd93.Trojan

1.3.0.4613

Boost by Reason

Optional.215Apps

188838

Comodo Security

UnclassifiedMalware

18531

Dr.Web

Trojan.Crossrider1.24157

9.0.1.034

Emsisoft Anti-Malware

Gen:Variant.Adware.Kazy.374109

8.16.02.03.01

ESET NOD32

Win32/Toolbar.CrossRider (variant)

10.8896

F-Secure

Gen:Variant.Adware.Kazy.374109

11.2016-03-02_4

G Data

Gen:Variant.Adware.Kazy.374109

16.2.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.7.5.0

K7 AntiVirus

Unwanted-Program

13.1712333

Kaspersky

not-a-virus:HEUR:AdWare.Win32.Agent

14.0.0.717

Malwarebytes

Adware.GamePlayLabs

v2016.02.03.01

McAfee

Artemis!B3F0DAC17AA9

5600.6500

MicroWorld eScan

Gen:Variant.Adware.Kazy.374109

17.0.0.102

Panda Antivirus

Trj/CI.A

16.02.03.01

Quick Heal

Adware.Crossid (Not a Virus)

2.16.12.00

Reason Heuristics

PUP.50OnRed.215Apps (M)

16.2.3.13

Sophos

AppRider

4.93

SUPERAntiSpyware

Trojan.Agent/Gen-Crossid

9346

Trend Micro House Call

ADW_CROSSID

7.2.34

Trend Micro

ADW_CROSSID

10.465.03

VIPRE Antivirus

GamePlayLabs

22226

Zillya! Antivirus

Backdoor.PePatch.Win32.67882

2.0.0.2193

File size:

431.8 KB (442,200 bytes)

Product version:

1.1.149.43

Original file name:

I Want This.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\i want this\i want this.exe

Digital Signature

Signed by:

215 Apps

Authority:

VeriSign, Inc.

Valid from:

10/25/2011 7:00:00 AM

Valid to:

10/25/2012 6:59:59 AM

Subject:

CN=215 Apps, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=215 Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4D064A782BC23A29CC9B8499A9F4AFB4

File PE Metadata

Compilation timestamp:

3/20/2012 5:43:16 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:V4k3ViprBlWaQBDrIrUgbVDgmb33cEfpjUb15R9xrd8e:V4kWg0URXdT

Entry address:

0x41D23

Entry point:

E8, BA, 90, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 74, D0, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 40, 96, 46, 00, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18, 89, 5D, F8, 39, 5D, 24, 75, 0B, 8B, 45, 08, 8B, 00, 8B, 40, 04, 89, 45, 24, 8B, 35, 44, A0, 45, 00... 
[+]

Entropy:

6.4532

Code size:

352.5 KB (360,960 bytes)

Remove I Want This.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.