jogo.exe

Gerenciador de Download

BR SOFTWARE LLC

The application jogo.exe by BR SOFTWARE has been detected as adware by 22 anti-malware scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from www.protetor.info and multiple other hosts. While running, it connects to the Internet address custip-2073.sedoparking.com on port 80 using the HTTP protocol.

Publisher: ASSISTENTE DE DOWNLOAD (signed by BR SOFTWARE LLC)
Product: Gerenciador de Download
Version: 1.0.0
MD5: da72073a3ff0ec7b5311afc711901913
SHA-1: 34ab4e58d0f63980442e931b796514e6e8cb0655
SHA-256: beb6ffc573fb2f4b498f1aecbaad230fe9d806c6ef6b11138245b5cb7a278f36
Scanner detections: 22 / 68
Status: Adware
Analysis date: 4/25/2024 6:26:29 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.PCMega.2 | 781 |
| Agnitum Outpost | Trojan.DL.Agent | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2014.11.07 |
| avast! | Other:Malware-gen [Trj] | 2014.9-141215 |
| AVG | Downloader.edc | 2015.0.3259 |
| Bitdefender | Gen:Variant.Adware.PCMega.2 | 1.0.20.1745 |
| Comodo Security | UnclassifiedMalware | 20007 |
| Dr.Web | Adware.Downware.376 | 9.0.1.0349 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.PCMega | 8.14.12.15.01 |
| ESET NOD32 | Win32/Adware.PCMega | 8.10682 |
| Fortinet FortiGate | Riskware/PCMega | 12/15/2014 |
| F-Prot | W32/Adware.AKQE | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.PCMega.2 | 11.2014-15-12_2 |
| G Data | Gen:Variant.Adware.PCMega | 14.12.24 |
| IKARUS anti.virus | Win32.Downloader.RDW | t3scan.1.8.3.0 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.2792 |
| MicroWorld eScan | Gen:Variant.Adware.PCMega.2 | 15.0.0.1047 |
| Reason Heuristics | PUP.BRSOFTWARE.E | 14.12.15.13 |
| Rising Antivirus | PE:Malware.Downloader!1.9EEC | 23.00.65.141213 |
| Sophos | Generic PUA DE | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-ZAccess | 10176 |
| ViRobot | Backdoor.Win32.A.ZAccess.394869[UPX] | 2011.4.7.4223 |

File size: 373.4 KB (382,336 bytes)
Product version: 1.0.0
Copyright: © ASSISTENTE DE DOWNLOAD
Original file name: acelerador.exe
File type: Executable application (Win32 EXE)
Language: Brazilian Portuguese
Common path: C:\users\{user}\downloads\jogo.exe

Digital Signature
Signed by:

Authority: GlobalSign nv-sa
Valid from: 6/8/2012 3:58:43 PM
Valid to: 6/9/2015 3:58:43 PM
Subject: CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, C=US
Issuer: CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE
Serial number: 11212BC0BF00C9C6FB65718638885C9FC576

File PE Metadata
Compilation timestamp: 5/6/2009 2:23:44 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
CTPH (ssdeep): 6144:/fxjxvjpe238JMJRMVkvkcyc65DECBe2UQB343iTYOGQKnOfadwwM:/fnbsJiRQf9VnBe2U8ISUZQBCdvM
Entry address: 0xFA6C0

Entry point:
60, BE, 00, 20, 4A, 00, 8D, BE, 00, F0, F5, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...

Packer / compiler: UPX 2.90LZMA
Code size: 356 KB (364,544 bytes)

The file jogo.exe has been seen being distributed by the following 2 URLs.

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP): Connects to custip-2073.sedoparking.com (91.195.241.73:80)
