home

miniinstall.exe

Able Search Systems Ltd.

The application miniinstall.exe by Able Search Systems has been detected as a potentially unwanted program by 24 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. During install, it bundles potentially unwanted software on a user's computer at the same time without adequate consent. The file has been seen being downloaded from install.multinstaller.com.
Publisher:
Media Labs Ltd  (signed by Able Search Systems Ltd.)

Version:
0.3.0.31

MD5:
e220f39a641d92dfa7411932f517676b

SHA-1:
662f08a86d724bc26410b36e6cbe3798398b0df7

SHA-256:
45ee3b3b104253a3bd4966337ad2727aaa64d579f60a32b81412be7e88e44433

Scanner detections:
24 / 68

Status:
Potentially unwanted

Explanation:
May bundle additional potentially unwanted software such as adware during setup.

Analysis date:
4/23/2024 5:06:45 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
W32.Adware.Multibar
2.1.4+

Agnitum Outpost
PUA.Toolbar.MultiBarDown
7.1.1

AhnLab V3 Security
PUP/Win32.MediaLabs
2014.10.07

Avira AntiVirus
Adware/Multibar.B.9
7.11.176.250

avast!
Ivelog-D [PUP]
141003-0

AVG
Potentially harmful program Toolbar.Multibar
2014.0.4037

Comodo Security
TrojWare.Win32.Downloader.Agent.TTS
19725

Dr.Web
hacktool program Tool.InstallToolbar.64
9.0.1.05190

ESET NOD32
Win32/Multibar.AN potentially unwanted application
7.0.302.0

Fortinet FortiGate
W32/MultiBarDownloader!tr
10/6/2014

F-Prot
W32/MediaLabs.A.gen
4.6.5.141

G Data
Win32.Adware.Multibar
14.10.24

K7 AntiVirus
Unwanted-Program
13.183.13597

Kaspersky
not-a-virus:WebToolbar.Win32.MultiBarDownloader
15.0.0.494

Malwarebytes
PUP.BundleInstaller.MB
v2014.10.06.03

NANO AntiVirus
Riskware.Win32.Webtoolbar.jjmtg
0.28.2.62483

Norman
Delf.KFGS
11.20141006

Reason Heuristics
PUP.AbleSearchSystems.L
14.11.21.23

Rising Antivirus
PE:PUF.TicnoPush!1.9C65
23.00.65.141004

Sophos
Multbar
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-MultiBar
10316

Vba32 AntiVirus
Downware.iDatix.gen
3.12.26.3

VIPRE Antivirus
Threat.4150696
33706

Zillya! Antivirus
Adware.MultiBarDownloader.Win32.35
2.0.0.1945

File size:
329.3 KB (337,168 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\miniinstall.exe

Digital Signature
Signed by:
Able Search Systems Ltd.

Authority:
COMODO CA Limited

Valid from:
2/28/2012 4:00:00 AM

Valid to:
2/28/2013 3:59:59 AM

Subject:
CN=Able Search Systems Ltd., O=Able Search Systems Ltd., STREET=393 LORDSHIP LANE, L=London, S=London, PostalCode=N176AE, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
6AD4D4FDA48A70C61E9C82C8A5783227

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:iEDYbne05vbhhmJFFyotWI4jJCih57xqPKXEWLRam1w1y9r6msxfRPgoT6F1neNn:6bnZbhgjDWFs/Z6RamCMB6m+RgoeGEYx

Entry address:
0xC0F70

Entry point:
60, BE, 00, 50, 47, 00, 8D, BE, 00, C0, F8, FF, C7, 87, 9C, 90, 08, 00, 19, 22, 06, F0, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46...
 
[+]

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
308 KB (315,392 bytes)

The file miniinstall.exe has been seen being distributed by the following URL.

http://install.multinstaller.com/.../?wmid=wbsm_2522_sftport&url=aHR0cDovL2Fub2thbGludGlrLnJ1L3dwLWNvbnRlbnQvYWRndWFyZEluc3RhbGxlci5leGU=

Remove miniinstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.