jewelquest3.exe

Freegies JewelQuest 3

OutBrowse LTD

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application jewelquest3.exe by OutBrowse has been detected as adware by 16 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. It installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Freegies (signed by OutBrowse LTD)

Product:
Freegies JewelQuest 3

Version:
1.0

MD5:
4dca25d95e1cf20800ded82220ff4844

SHA-1:
d6bd5b74c8859a7f1b8acaf34adfae004d065f6c

SHA-256:
eaabdddfa13aea0ada0b4e31eb1f42779630b28ee8f47801a47aec155e38a324

Scanner detections:
16 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/25/2024 9:22:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | MemScan:Application.Bundler.Outbrowse.K | 593 |
| Avira AntiVirus | APPL/Downloader.Gen | 7.11.177.228 |
| AVG | Generic | 2016.0.3071 |
| Bitdefender | MemScan:Application.Bundler.Outbrowse.K | 1.0.20.860 |
| Dr.Web | Adware.Downware.1336 | 9.0.1.0172 |
| ESET NOD32 | Win32/OutBrowse (variant) | 9.10555 |
| F-Secure | MemScan:Application.Bundler.Outbrowse | 11.2015-21-06_1 |
| G Data | MemScan:Application.Bundler.Outbrowse | 15.6.24 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.1850 |
| Malwarebytes | PUP.Optional.OutBrowse | v2015.06.21.11 |
| MicroWorld eScan | MemScan:Application.Bundler.Outbrowse.K | 16.0.0.516 |
| Panda Antivirus | Trj/CI.A | 15.06.21.11 |
| Quick Heal | TrojanDownloader.NSIS.OutBrowse.B | 6.15.14.00 |
| Reason Heuristics | PUP.Outbrowse.Freegies.Bundler (M) | 15.6.21.19 |
| Sophos | OutBrowse Revenyou | 4.98 |
| Vba32 AntiVirus | Downloader.Agent | 3.12.26.3 |

File size:
613.3 KB (627,968 bytes)

Copyright:
© Freegies JewelQuest 3

Trademarks:
Freegies JewelQuest 3

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\jewelquest3.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
2/25/2013 4:00:00 PM

Valid to:
2/26/2014 3:59:59 PM

Subject:
CN=OutBrowse LTD, O=OutBrowse LTD, L=Ramat Gan, S=Ramat Gan, C=IL, SERIALNUMBER=514686914, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
06C1C2AE3E180ADDA27BBF2BD8EAC0E7

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:DqxVgFdpNYPW0C82suV43om/XioeJeZN97krl3Q2:Dq3WNY3C82ENCKG3Q2

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9773

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)
