home

internet download manager crack download line walker_10924_i6594791_il345.exe

Runner Utility

BERSHNET LLC

The application internet download manager crack download line walker_10924_i6594791_il345.exe by BERSHNET has been detected as adware by 32 anti-malware scanners. This is a setup program which is used to install the application. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from downprov.brown1switch.com and multiple other hosts.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
2ab7558a8790910e78eb86add72670ab

SHA-1:
d27082a5c9b1479380bf0858300280796d1aaa4e

SHA-256:
269472d606040c1d34b889495a1db5ef40e924f5a14014174cf59a2f5969f737

Scanner detections:
32 / 68

Status:
Adware

Analysis date:
5/1/2024 6:45:40 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Kazy.597380
620

Agnitum Outpost
PUA.Downloader
7.1.1

AhnLab V3 Security
PUP/Win32.LoadMoney
2015.05.23

Avira AntiVirus
ADWARE/Amonetize.Gen7
8.3.1.6

avast!
Win32:Amonetize-JO [PUP]
2014.9-150525

AVG
Generic
2016.0.3098

Baidu Antivirus
PUA.Win32.Dlhelper
4.0.3.15525

Bitdefender
Gen:Variant.Adware.Kazy.597380
1.0.20.725

Bkav FE
W32.HfsAdware
1.3.0.6379

Comodo Security
Application.Win32.LoadMoney.IARS
22219

Dr.Web
Trojan.Amonetize
9.0.1.0145

Emsisoft Anti-Malware
Gen:Variant.Adware.Kazy.597380
8.15.05.25.04

ESET NOD32
Win32/Amonetize.DW potentially unwanted (variant)
9.11672

Fortinet FortiGate
Riskware/Agent
5/25/2015

F-Prot
W32/S-53544127
v6.4.7.1.166

F-Secure
Gen:Variant.Adware.Kazy
11.2015-25-05_2

G Data
Gen:Variant.Adware.Kazy.597380
15.5.25

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.8.9.0

K7 AntiVirus
Unwanted-Program
13.204.16007

Kaspersky
not-a-virus:Downloader.Win32.Agent
14.0.0.1987

Malwarebytes
PUP.Optional.Amonetize
v2015.05.25.04

McAfee
Artemis!2AB7558A8790
5600.6754

MicroWorld eScan
Gen:Variant.Adware.Kazy.597380
16.0.0.435

NANO AntiVirus
Trojan.Win32.Agent.drooyk
0.30.24.1636

Panda Antivirus
Trj/Genetic.gen
15.05.25.04

Qihoo 360 Security
HEUR/QVM16.0.Malware.Gen
1.0.0.1015

Quick Heal
PUA.Bershnetll.Gen
5.15.14.00

Reason Heuristics
PUP.BERSHNET
15.5.25.16

Sophos
Amonetize
4.98

Trend Micro House Call
TROJ_GEN.R047C0EEH15
7.2.145

Trend Micro
TROJ_GEN.R047C0EEH15
10.465.25

VIPRE Antivirus
Amonetize
40482

File size:
1.5 MB (1,550,352 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\internet download manager crack download line walker_10924_i6594791_il345.exe

Digital Signature
Signed by:
BERSHNET LLC

Authority:
COMODO CA Limited

Valid from:
2/6/2015 5:30:00 AM

Valid to:
2/7/2016 5:29:59 AM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
5/9/2015 11:23:07 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:YowtnEOLBoFzeID61e/zivv+IqLWZfDYjYiQWvV80yGFyc5GdAWGriykRBiV8:FaEAIeID61e/ziXTf8QW2yFB2AWGrH+h

Entry address:
0x364CCB

Entry point:
E9, 64, 8E, 00, 00, C7, BE, EC, CC, E6, FA, 93, D7, 51, 83, 0D, FE, 53, 82, 16, 6E, 54, 7A, 4C, 4C, 80, 9C, D4, 22, 08, 06, 12, FA, BE, 84, B4, 80, C0, D2, F8, 1A, 40, 00, B1, 6A, 9B, D1, 43, 13, C3, DF, E9, 68, 6C, 7C, C0, D8, D7, B4, 35, 5B, 65, E9, D0, 44, 2E, A6, EA, F2, 72, E6, 73, 06, 6E, BE, 85, AC, F0, B0, F4, BF, B0, 78, 5E, FC, CA, EC, 8B, 14, 60, 1A, 6B, B6, 8C, 71, D9, 61, EA, 4A, 97, 14, B7, 3E, B2, 32, F9, 6E, B0, 4F, B9, 40, 8A, 61, A5, F9, 6E, F7, 78, 8C, 4E, FE, 0C, 28, B3, D4, DE, 0A, 93...
 
[+]

Entropy:
7.9945

Packer / compiler:
Xtreme-Protector v1.05

Code size:
187.5 KB (192,000 bytes)

The file internet download manager crack download line walker_10924_i6594791_il345.exe has been seen being distributed by the following 2 URLs.

http://downprov.brown1switch.com/direct?version=1.1.8.22&campid=10924&instid[appname]=Gta 5 pc tpb_Downloader&instid[appsetupurl]=http://go.futuresdownload.com/getfast/download.cgi?9&ti1=700000&ti2=0&ti3=2015-05-09T17:59:28.596779 00:00&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.futuresdownload.com/d1/logo150x150.png&prefix=Gta 5 pc tpb&instid[thankyoupage]=http://download.futuresdownload.com/.../thank_you.php?ti1=700000&ti2=0&ti3=2015-05-09T17:59:28.596779 00:00&parameter=Gta 5 pc tpb&instid[interrupted]=http://download.futuresdownload.com/.../interrupted.php?ti1=700000&ti2=0&ti3=2015-05-09T17:59:28.596779 00:00&parameter=Gta 5 pc tpb&ti1=700000&ti2=0&ti3=2015-05-09T17:59:28.596779 00:00&_dest=files.red-2-small-button.com

http://files.red-2-small-button.com/p/.../internet download manager crack download line walker_10924_i6594791_il345.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.