» mcafee-internet-security-suite.exe
Overview
Analysis
File Details
Downloads (1)

mcafee-internet-security-suite.exe

Smart Secure Software S.l.

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application mcafee-internet-security-suite.exe by Smart Secure Software S.l has been detected as adware by 29 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. The file has been seen being downloaded from d13dhn7ldhrcf6.cloudfront.net.

File name:

Publisher:

Smart Secure Software S.l. (signed and verified)

Version:

1.0.0.1

MD5:

669572adda41cd0ab2c5e8e3d17cec61

SHA-1:

0459a8c54fdc00f9b9097c4ca966adfb8251a90d

Scanner detections:

29 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/23/2024 5:52:43 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.Agent.OLP

784

AegisLab AV Signature

Troj.W32.Buzus

2.1.4+

Agnitum Outpost

Riskware.Agent

7.1.1

AhnLab V3 Security

PUP/Win32.DomaIQ

2014.10.22

Avira AntiVirus

APPL/Softpulse.Gen8

7.11.180.40

avast!

Win32:SoftPulse-AJ [PUP]

2014.9-141212

AVG

BundleApp_r

2015.0.3262

Bitdefender

Adware.Agent.OLP

1.0.20.1730

Clam AntiVirus

Win.Adware.Agent-16335

0.98/21411

Dr.Web

Trojan.DownLoader11.36013

9.0.1.0346

Emsisoft Anti-Malware

Adware.Agent.OLP

8.14.12.12.08

ESET NOD32

Win32/SoftPulse (variant)

8.10597

Fortinet FortiGate

W32/Buzus.UUTA!tr

12/12/2014

F-Prot

W32/A-a1299ecf

v6.4.7.1.166

F-Secure

Adware.Agent.OLP

11.2014-12-12_6

G Data

Adware.Agent.OLP

14.12.24

K7 AntiVirus

Trojan

13.184.13741

Kaspersky

not-a-virus:Downloader.Win32.LMN

14.0.0.2806

Malwarebytes

PUP.Optional.DomaIQ

v2014.12.12.08

McAfee

SoftPulse

5600.6918

MicroWorld eScan

Adware.Agent.OLP

15.0.0.1038

NANO AntiVirus

Trojan.Win32.SoftPulse.dfwfat

0.28.2.62841

nProtect

Adware.Agent.OLP

14.10.21.01

Qihoo 360 Security

Malware.QVM20.Gen

1.0.0.1015

Reason Heuristics

PUP.SmartSecureSoftwareSl.EE

14.12.12.20

Sophos

Smart Secure Software

4.98

Vba32 AntiVirus

Downloader.LMN

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

34118

Zillya! Antivirus

Adware.Agent.Win32.13908

2.0.0.1962

File size:

1.3 MB (1,390,720 bytes)

Product version:

1.0.0.1

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Softpulse SoftwareBundler

Language:

English (United States)

Common path:

C:\documents and settings\personel\mes documents\downloads\mcafee-internet-security-suite.exe

Digital Signature

Signed by:

Smart Secure Software S.l.

Authority:

Thawte, Inc.

Valid from:

6/17/2014 2:00:00 AM

Valid to:

6/18/2015 1:59:59 AM

Subject:

CN=Smart Secure Software S.l., O=Smart Secure Software S.l., L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

7F616522D287E85A40984A2C01C414C1

File PE Metadata

Compilation timestamp:

10/1/2014 1:36:57 PM

OS version:

6.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

24576:irKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPake:irKo4ZwCOnYjVmJPap

Entry address:

0x7D90

Entry point:

E8, C8, 41, 00, 00, E9, 7F, FE, FF, FF, E9, 3E, 27, 00, 00, FF, 35, 94, AE, 47, 00, FF, 15, A4, 70, 41, 00, 85, C0, 74, 02, FF, D0, 6A, 01, 6A, 00, E8, 0A, 49, 00, 00, 59, 59, E9, 22, 49, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 62, 49, 00, 00, 59, 85, C0, 74, 11, FF, 75, 08, E8, C0, 2C, 00, 00, 59, 85, C0, 74, E6, 8B, E5, 5D, C3, 6A, 01, 8D, 45, FC, C7, 45, FC, 84, 0F, 47, 00, 50, 8D, 4D, F0, E8, 27, 30, 00, 00, 68, 9C, 74, 47, 00, 8D, 45, F0, C7, 45, F0, 7C, 0F, 47, 00, 50, E8, 7C, 27, 00... 
[+]

Code size:

85.5 KB (87,552 bytes)

The file mcafee-internet-security-suite.exe has been seen being distributed by the following URL.

https://d13dhn7ldhrcf6.cloudfront.net/download.php?os=&icon=aHR0cDovL3NjcmVlbnNob3RzLmZyLnNmdGNkbi5uZXQvZnIvc2Nybi8zODAwMC8zODA4Mi9tY2FmZWUtaW50ZXJuZXQtc2VjdXJpdHktMTQtMTAweDEwMC5wbmc=&desc=U8OpY3VyaXTDqSBjb250cmUgbGEgbWVuYWNlIHF1aSB2aWVudCBkdSB3ZWI=&name=McAfee Internet Security&domain=mcafee-internet-security-suite&ss=&lang=fr_FR&url=aHR0cDovL21jYWZlZS1pbnRlcm5ldC1zZWN1cml0eS1zdWl0ZS5zb2Z0b25pYy5mcg==&version=1112142&ins=organic-portaluxfr

Remove mcafee-internet-security-suite.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.