kawasaki_ex_250_-_gpx_250_88_-_service_manual_supl_pdf.exe

Kantida Chanudrum

The application kawasaki_ex_250_-_gpx_250_88_-_service_manual_supl_pdf.exe by Kantida Chanudrum has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.torntv-dl.net and multiple other hosts.
Publisher:
Kantida Chanudrum  (signed and verified)

MD5:
027f163bbf140801ae90d32719c73ea1

SHA-1:
9379c0bf7c5488578caaef60500c141045dae66b

SHA-256:
9970d354144fef32c41f215f211098dfdde2d7950a690376c4f5b1ae06c404c4

Scanner detections:
17 / 68

Status:
Adware

Explanation:
The installer bundles additional adware-type offers (ad-supported) that are displayed to the user during setup and typically installed by default. These include web browser ad-injectors.

Analysis date:
4/19/2024 11:19:40 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Application.Bundler.W | 889 |
| avast! | Dropper-gen [Drp] | 2014.9-140829 |
| AVG | Generic | 2015.0.3427 |
| Bitdefender | Application.Bundler.W | 1.0.20.1205 |
| Clam AntiVirus | Win.Trojan.Agent-751031 | 0.98/19086 |
| Dr.Web | Adware.Downware.2138 | 9.0.1.0241 |
| F-Secure | Application.Bundler.W | 11.2014-29-08_6 |
| G Data | Application.Bundler | 14.8.24 |
| IKARUS anti.virus | PUA.AppBundler | t3scan.1.6.1.0 |
| Malwarebytes | PUP.Optional.OneClickDownloader.A | v2014.06.30.07 |
| McAfee | Artemis!027F163BBF14 | 5600.7083 |
| MicroWorld eScan | Application.Bundler.W | 15.0.0.723 |
| Qihoo 360 Security | Win32/Virus.Adware.47b | 1.0.0.1015 |
| Reason Heuristics | PUP.KantidaChanudrum.w | 14.7.3.1 |
| Trend Micro House Call | Suspicious_GEN.F47V0629 | 7.2.181 |
| VIPRE Antivirus | Threat.4783938 | 31088 |

File size:
369.9 KB (378,800 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\kawasaki_ex_250_-_gpx_250_88_-_service_manual_supl_pdf.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
4/15/2014 10:00:00 AM

Valid to:
4/16/2015 9:59:59 AM

Subject:
CN=Kantida Chanudrum, OU=Individual Developer, O=No Organization Affiliation, L=Phuket, S=Phuket, C=TH

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
12C00C2179570252969AF80D723272A8

File PE Metadata
Compilation timestamp:
12/6/2009 8:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:ysA70RMwBGlrX5Xp5aFcuUwwFypEA3ueLHkti7wTNgLXPjpq2iZl7cx3JvY:u0RVgaMFyTHrCxTuLfd4ZlA3JvY

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 

Entropy:
7.8785

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file kawasaki_ex_250_-_gpx_250_88_-_service_manual_supl_pdf.exe has been seen being distributed by the following 29 URLs.
