iskysoft dvd creator v3.8.0 (for windows)_10924_i41228241_il345.exe

Runner Utility

BERSHNET LLC

The application iskysoft dvd creator v3.8.0 (for windows)_10924_i41228241_il345.exe by BERSHNET has been detected as adware by 16 anti-malware scanners. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
b9869ce991a61376093213ede7e7e36c

SHA-1:
f3c4980c0d2efc75e7a7cf9dedf2a2eff714a179

SHA-256:
f777b2381239577576462391673c34a52e45f0ea4652c6b38344bdcf4f80394b

Scanner detections:
16 / 68

Status:
Adware

Analysis date:
4/26/2024 2:19:45 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Mikey.8247 | 701 |
| Avira AntiVirus | ADWARE/Adware.Gen7 | 7.11.214.34 |
| AVG | Generic | 2016.0.3179 |
| Bitdefender | Gen:Variant.Adware.Mikey.8247 | 1.0.20.325 |
| Comodo Security | Virus.Win32.Virut.CE | 21309 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Mikey.8247 | 8.15.03.06.01 |
| ESET NOD32 | Win32/Amonetize.DW potentially unwanted (variant) | 9.11276 |
| F-Prot | W32/S-40484255 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.Mikey | 11.2015-06-03_6 |
| G Data | Gen:Variant.Adware.Mikey.8247 | 15.3.25 |
| K7 AntiVirus | Unwanted-Program | 13.200.15176 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.2390 |
| Malwarebytes | PUP.Optional.Bershnet | v2015.03.06.01 |
| MicroWorld eScan | Gen:Variant.Adware.Mikey.8247 | 16.0.0.195 |
| Reason Heuristics | PUP.BERSHNET | 15.3.6.1 |
| VIPRE Antivirus | Amonetize | 38158 |

File size:
1.5 MB (1,538,064 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\iskysoft dvd creator v3.8.0 (for windows)_10924_i41228241_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/5/2015 7:00:00 PM

Valid to:
2/6/2016 6:59:59 PM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
3/5/2015 9:53:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:9j1hKLajeoVYSbI2I9o0/DMaQkhDItjRLXzXVwpKwqLY2pfcguDgzCgGZgMIkrLq:1zKGjeN2d0/AgDwjRLXzVw5R/HDgNGO9

Entry address:
0x2FD197

Entry point:
E9, DE, 82, F7, FF, 04, 5E, 78, A7, 4C, 81, F3, D8, D5, 63, F1, D9, 77, 67, C2, 04, 4B, BD, 14, AA, 3B, 65, A4, 26, 99, FF, 3E, A0, F7, 5D, AC, 36, 26, 1C, 75, C3, 8A, 87, F1, 7A, 80, E3, 41, 1C, 66, B0, 99, 89, F7, 9C, F4, F2, FE, C0, 83, BE, 4A, 06, FE, 5A, 1F, 25, DB, F3, CA, 3C, 68, 5D, 75, 86, 04, 89, DD, 13, 95, 3A, D1, C7, DB, 68, 1E, 53, 80, BE, 7E, 4C, 34, FC, FB, DD, A6, AA, F4, 8C, 73, 8F, 4B, 78, 0B, 1D, D3, 08, 19, AF, AF, C6, 38, F7, F4, 8E, 1B, 6F, E5, 56, C7, B7, DF, 48, 38, E2, CC, C9, 01...
 

Entropy:
7.9946

Packer / compiler:
Xtreme-Protector v1.05

Code size:
187.5 KB (192,000 bytes)