» jamie n commons x ambassadors jungle world cup 2014 ad__3055_il783.exe
Overview
Analysis
File Details
Downloads (2)

jamie n commons x ambassadors jungle world cup 2014 ad__3055_il783.exe

Shetef Solutions & Consulting (1998) Ltd.

This is the Amonetize download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application jamie n commons x ambassadors jungle world cup 2014 ad__3055_il783.exe by Shetef Solutions & Consulting (1998) has been detected as adware by 25 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. According to AVG, this software downloads additional adware offers during setup.

File name:

Publisher:

Shetef Solutions & Consulting (1998) Ltd. (signed and verified)

Version:

1.1.5.26

MD5:

4603306f40e6cbda7de8dc88b2e43c4c

SHA-1:

f79470a62b06efee28fb03ea64506c0bd8ef0751

SHA-256:

e8e5fea699f5424a557f3221eb1c64b5e57ae0372cf11cf44640d54baa809eb2

Scanner detections:

25 / 68

Status:

Adware

Description:

This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:

5/14/2025 1:58:28 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.Amonetize.18

762

Agnitum Outpost

PUA.Amonetize

7.1.1

AhnLab V3 Security

PUP/Win32.Amonetize

2015.01.04

Avira AntiVirus

ADWARE/Adware.Gen4

7.11.199.92

AVG

Downloader.Generic14

2016.0.3240

Baidu Antivirus

Adware.Win32.Amonetize

4.0.3.1513

Bitdefender

Gen:Variant.Application.Bundler.Amonetize.18

1.0.20.15

Dr.Web

Adware.Downware.8876

9.0.1.03

ESET NOD32

Win32/Amonetize.BY (variant)

9.10960

Fortinet FortiGate

Riskware/Amonetize

1/3/2015

F-Prot

W32/A-f8584296

v6.4.7.1.166

F-Secure

Gen:Variant.Application.Bundler

11.2015-03-01_7

G Data

Gen:Variant.Application.Bundler.Amonetize.18

15.1.24

IKARUS anti.virus

PUA.Amonetize

t3scan.1.8.5.0

K7 AntiVirus

Unwanted-Program

13.1814525

Malwarebytes

PUP.Optional.Amonetize

v2015.01.03.07

McAfee

Artemis!4603306F40E6

5600.6896

MicroWorld eScan

Gen:Variant.Application.Bundler.Amonetize.18

16.0.0.9

NANO AntiVirus

Riskware.Win32.Downware.dhzzeg

0.30.0.64448

Reason Heuristics

PUP.Installer.ShetefSolutionsConsulting1998.?

15.1.3.19

Sophos

Generic PUA PH

4.98

Trend Micro House Call

TROJ_GEN.R02SH09JR14

7.2.3

Vba32 AntiVirus

AdWare.Amonetize

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

36348

Zillya! Antivirus

Backdoor.PePatch.Win32.50090

2.0.0.2025

File size:

454.1 KB (464,976 bytes)

Product version:

1.1.5.26

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Amonetize Downloader

Language:

English (United States)

Digital Signature

Signed by:

Shetef Solutions & Consulting (1998) Ltd.

Authority:

GoDaddy.com, Inc.

Valid from:

10/13/2014 11:02:37 AM

Valid to:

10/13/2015 11:02:37 AM

Subject:

CN=Shetef Solutions & Consulting (1998) Ltd., O=Shetef Solutions & Consulting (1998) Ltd., L=Rannana, S=Israel, C=IL

Issuer:

CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

4B1B72BCEFC0E8

File PE Metadata

Compilation timestamp:

10/20/2014 4:33:52 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:yIc0x8bs/GQY5quuEuAWrrnNDPKSR0tMmXDgFj:yIvKbhRuxrcSR0tMm8Fj

Entry address:

0x11DE8

Entry point:

E8, 49, 6A, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 3D, 94, 1E, 3B, 00, 00, 75, 18, E8, 5C, 4E, 00, 00, 6A, 1E, E8, A6, 4C, 00, 00, 68, FF, 00, 00, 00, E8, F9, F5, FF, FF, 59, 59, 8B, 45, 08, 85, C0, 75, 01, 40, 50, 6A, 00, FF, 35, 94, 1E, 3B, 00, FF, 15, 14, A1, 3A, 00, 5D, C3, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 94, 1E, 3B, 00, 00, 75, 18, E8, 12, 4E, 00, 00, 6A, 1E, E8, 5C, 4C, 00, 00, 68, FF, 00, 00, 00, E8, AF, F5, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3... 
[+]

Code size:

161 KB (164,864 bytes)

The file jamie n commons x ambassadors jungle world cup 2014 ad__3055_il783.exe has been seen being distributed by the following 2 URLs.

http://www.care-download.com/download.php?version=1.1.5.26&campid=3055&instid[appname]=Jamie_N_Commons_X_Ambassadors_-_Jungle_World_Cup_2014_ad_(iPlayer.fm).mp3&instid[appsetupurl]=http://data.iplayer.fm/mail/iuvih3o/21518894/294221274/Jamie_N_Commons_X_Ambassadors_-_Jungle_World_Cup_2014_ad_(iPlayer.fm).mp3&instid[appimageurl]=http://s3.amazonaws.com/.../downloadall.png&prefix=Jamie N Commons X Ambassadors Jungle World Cup 2014 ad

http://data.iplayer.fm/file/iuvih3o/21518894/.../Jamie_N_Commons_X_Ambassadors_-_Jungle_World_Cup_2014_ad_(iPlayer.fm).mp3

Remove jamie n commons x ambassadors jungle world cup 2014 ad__3055_il783.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.