» IGG-The.Escapists.Early.rar.exe
Overview
Analysis
File Details
Downloads (2)

IGG-The.Escapists.Early.rar.exe

On Unaccommodating

Being Found

The application IGG-The.Escapists.Early.rar.exe has been detected as a potentially unwanted program by 22 anti-malware scanners. This is a setup program which is used to install the application. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. The file has been seen being downloaded from applicationgrabb.net and multiple other hosts.

File name:

Publisher:

Being Found

Product:

On Unaccommodating

Description:

For Passing

Version:

3.4.3.2

MD5:

ef5b0815860fb33c82767b9e5753b18c

SHA-1:

d2b505b8aaad3d7918d64f9f62e57a26f848e78a

SHA-256:

0f2cc418174d7983a2efaf04b24ca0633c75876c354021a8abfcd59861626239

Scanner detections:

22 / 68

Status:

Potentially unwanted

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/26/2024 6:27:08 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.16

865

AhnLab V3 Security

PUP/Win32.MultiPlug

2014.09.23

Avira AntiVirus

ADWARE/MultiPlug.Gen4

7.11.173.226

avast!

Win32:MultiPlug-DA [PUP]

140908-2

AVG

Adware Generic5.BIMM

2014.0.4025

Bitdefender

Gen:Variant.Application.Bundler.16

1.0.20.1325

Bkav FE

HW32.Paked

1.3.0.4959

Dr.Web

Trojan.Crossrider.31895

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Application.Bundler.16

14.09.22

ESET NOD32

Win32/AdWare.MultiPlug.BS application

7.0.302.0

F-Secure

Gen:Variant.Application.Bundler

11.2014-22-09_2

G Data

Gen:Variant.Application.Bundler.16

14.9.24

IKARUS anti.virus

AdWare.AdPlugin

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.183.13451

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.3210

Malwarebytes

PUP.Optional.MultiPlug

v2014.09.22.09

McAfee

MultiPlug

5600.6999

MicroWorld eScan

Gen:Variant.Application.Bundler.16

15.0.0.795

NANO AntiVirus

Riskware.Win32.MultiPlug.dekkbu

0.28.2.62286

nProtect

Trojan-Clicker/W32.MultiPlug.737280

14.09.22.01

Sophos

MultiPlug

4.98

Vba32 AntiVirus

AdWare.MultiPlug

3.12.26.3

File size:

720 KB (737,280 bytes)

Product version:

5.4.1.2

Original file name:

IGG-The.Escapists.Early.rar.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\igg-the.escapists.early.rar.exe

File PE Metadata

Compilation timestamp:

9/25/2012 12:28:19 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:j25iATXrEoKyTG1nstSU+5AZJKU8vnsoNKkux+aMeEVdUj2RwPe1hk1WMzxIOuKI:RUrbyU+2frroczx+aMeHj26ksFOXVPiE

Entry address:

0x10CF7

Entry point:

E8, 9E, 3E, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, EF, 41, 00, E8, E3, 12, 00, 00, E8, 6B, 40, 00, 00, 0F, B7, F0, 6A, 02, E8, 31, 3E, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, F0, 04, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Code size:

101 KB (103,424 bytes)

The file IGG-The.Escapists.Early.rar.exe has been seen being distributed by the following 2 URLs.

http://applicationgrabb.net/2943128602fb98ce7b535b4607f9064c/bil/dl.php?id=1409460470290596626&r=http://netuksetsetnews.info/v625/lp/?q=yyZH7UA/m17K789/XZIYbYvur09WVvgGxTWJejqx48EBs8Q5oa8xy9XnHRbZ4c0Zq9yo6evv/Cb/0R838FywMaq8JMH14y5FisqQxT2AiUWlPVTvBEudSzJlQsI/Yp1naq8F05OWXPF7sf9faZF2WuPT1NozZLRdwY1bpfR DlsZHCA3YhT4AwL3uPQ4Su0KSmeIH2Xp7ATvkIwtvfwmKrEy3YbbWqFX9OPymjpC m005a4mg9c7kIxKZqUgi6YyWq8ZU1bK7xf 2BFHJLrI3i2zTYkRwR3/.../Am&__rnd=6f606fa4fd3ce752fc6903e8671457c8

http://netuksetsetnews.info/v625/lp/?q=yyZH7UA/m17K789/XZIYbYvur09WVvgGxTWJejqx48EBs8Q5oa8xy9XnHRbZ4c0Zq9yo6evv/Cb/0R838FywMaq8JMH14y5FisqQxT2AiUWlPVTvBEudSzJlQsI/Yp1naq8F05OWXPF7sf9faZF2WuPT1NozZLRdwY1bpfR DlsZHCA3YhT4AwL3uPQ4Su0KSmeIH2Xp7ATvkIwtvfwmKrEy3YbbWqFX9OPymjpC m005a4mg9c7kIxKZqUgi6YyWq8ZU1bK7xf 2BFHJLrI3i2zTYkRwR3/.../Am&external_id=1409460470290596626

Remove IGG-The.Escapists.Early.rar.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.