home

majfst_gentlemg.exe

m_gentle

Tuto4PC.com

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application majfst_gentlemg.exe, “m_gentle Setup ” by Tuto4PC.com has been detected as adware by 26 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer.
Publisher:
FST   (signed by Tuto4PC.com)

Product:
m_gentle

Description:
m_gentle Setup

MD5:
4ea09b8e9acd72c73daf7006f3b6f3fe

SHA-1:
19b0cad28ffa621f436b86c6ba5fc50da59f2e20

SHA-256:
4552dc2b81c49f992bd7e15f035841db5a3e42550059ab3d49147828537aae9b

Scanner detections:
26 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/26/2024 1:17:49 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Eorezo.CB
355

Avira AntiVirus
Adware/EoRezo.bond
7.11.188.174

avast!
Adware-ASG [PUP]
2014.9-160215

AVG
Generic
2017.0.2833

Baidu Antivirus
Adware.Win32.Eorezo
4.0.3.16215

Bitdefender
Adware.Eorezo.BZ
1.0.20.230

Comodo Security
ApplicUnwnt
20192

Dr.Web
Adware.Downware.3239
9.0.1.046

Emsisoft Anti-Malware
Adware.Eorezo.CB
8.16.02.15.08

ESET NOD32
multiple threats
10.7.0.302.0

Fortinet FortiGate
Riskware/EoRezo
2/15/2016

F-Secure
Adware.Eorezo.CB
11.2016-15-02_2

G Data
Win32.Adware.Eorezo
16.2.24

K7 AntiVirus
Adware
13.185.14120

Kaspersky
Trojan.Win32.StartPage
14.0.0.658

Malwarebytes
PUP.Optional.FreeSoftToday.A
v2016.02.15.08

McAfee
Artemis!2320FA8BCD58
5600.6489

MicroWorld eScan
Adware.Eorezo.BZ
17.0.0.138

Norman
Adware.Eorezo.CB
11.20160215

nProtect
Adware.Eorezo.BZ
14.11.25.01

Reason Heuristics
PUP.Eorezo.Tuto4PC.Bundler (M)
16.2.15.8

Sophos
PUA 'EoRezo Adware' (of type Adware)
5.22

SUPERAntiSpyware
PUP.FreeSoftToday/Variant
9322

Trend Micro House Call
TROJ_GEN.R047B01K714
7.2.46

Vba32 AntiVirus
AdWare.Eorezo
3.12.26.3

VIPRE Antivirus
Tuto4PC
35114

File size:
3 MB (3,174,160 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Common path:
C:\users\{user}\appdata\local\fst_mx_11\download\majfst_gentlemg.exe

Digital Signature
Signed by:
Tuto4PC.com

Authority:
GlobalSign nv-sa

Valid from:
11/5/2013 10:27:40 AM

Valid to:
11/6/2014 10:27:40 AM

Subject:
E=contact@tuto4pc.com, CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-De-France, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121DD93F3AC652F954C795B593955887E31

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:r02iX/Xd2z29UVnc1Gc1tvMFQU584yVFhhymysqe:wzX12A1Gc1hEnpynhhtysh

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

Remove majfst_gentlemg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.