mastering physics keygen.exe

Daily ApPs FORfor

The application mastering physics keygen.exe by Daily ApPs FORfor has been detected as adware by 10 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from getm.0117g.info.
Publisher:
UNYQJ  (signed by Daily ApPs FORfor)

Product:
UNYQJ

Version:
5226.1562.1240.7745

MD5:
ddd3a43e96224b6b6d905d56df81e4a0

SHA-1:
909954bfee545abc7bb927bf2c6a33a4c02cc15d

SHA-256:
1e1d52c341d47eafd79e11be164c54a154f75485c9a6aa18fbbe3e543016f35f

Scanner detections:
10 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Analysis date:
5/11/2024 6:29:03 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | PUP/Win32.OutBrowse | 2015.06.05 |
| AVG | Potentially harmful program Downloader.HVV | 2014.0.4311 |
| Dr.Web | Trojan.OutBrowse.746 | 9.0.1.05190 |
| ESET NOD32 | Win32/OutBrowse.CB potentially unwanted application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/OutBrowse | 6/5/2015 |
| K7 AntiVirus | Unwanted-Program | 13.204.16146 |
| McAfee | Trojan.Artemis!DDD3A43E9622 | 18.0.204.0 |
| Quick Heal | PUA.OutBrowse.A | 6.15.14.00 |
| Reason Heuristics | PUP.Outbrowse.Installer | 15.6.4.23 |
| Trend Micro House Call | Suspici.2DBCF6CF | 7.2.156 |

File size:
642.2 KB (657,648 bytes)

Product version:
5226.1562.1240.7745

Copyright:
UNYQJ

Trademarks:
UNYQJ

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mastering physics keygen.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
5/30/2015 8:00:00 PM

Valid to:
1/27/2016 6:59:59 PM

Subject:
CN=Daily ApPs FORfor, O=Daily ApPs FORfor, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
035E34E974BFABE275BE7932F1212443

File PE Metadata
Compilation timestamp:
12/5/2009 5:52:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:jx0eWF9+2f03m2HjAZRMv9TL9iSdRR80d4xR2/h6mljfGMthaX88RCs8CkjoNyhg:jz29+2f32DAZRMv9nKpRYG8hasaiDoNR

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 1C, 45, 00, E8, F1, 2B, 00, 00, A3, 64, 1B, 45, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 37, 43, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, DB, 44, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, A0, 47, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9793

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file mastering physics keygen.exe has been seen being distributed by the following URL.
