mixi.exe

OutBrowse LTD

This is the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application mixi.exe by OutBrowse has been detected as adware by 26 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. It plugs into the web browser and collects information about the user's browsing activities (such as visited URLs) in order to display targeted popup advertisements, and connects to a remote server to report back such behaviors.
Publisher:
MixiDJ (signed by OutBrowse LTD)

Product:
MixiDJ

Version:
1.0

MD5:
85e6bac3826b785b9c7a6f98c6601383

SHA-1:
a2eb63e88777606a9d3c88f65bcc4556e0479f48

SHA-256:
4273a272dc365d1ea77107d2842328cac0f1b910937918c38f4cad8a79888cf9

Scanner detections:
26 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/25/2024 1:03:58 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | MemScan:Application.Bundler.Outbrowse.K | 639 |
| Agnitum Outpost | PUA.Downloader | 7.1.1 |
| Avira AntiVirus | PUA/Outbrowse.Gen | 3.6.1.96 |
| avast! | Win32:OutBrowse-HW [PUP] | 2014.9-150507 |
| AVG | MalSign.Generic | 2016.0.3117 |
| Bitdefender | MemScan:Application.Bundler.Outbrowse.K | 1.0.20.635 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Clam AntiVirus | Win.Adware.OutBrowse-4 | 0.98/21511 |
| Dr.Web | Adware.Downware.1336 | 9.0.1.0127 |
| ESET NOD32 | Win32/OutBrowse (variant) | 9.9025 |
| F-Secure | MemScan:Application.Bundler.Outbrowse | 11.2015-07-05_5 |
| G Data | MemScan:Application.Bundler.Outbrowse | 15.5.25 |
| herdProtect (fuzzy) | | 2015.8.5.3 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.2080 |
| Malwarebytes | PUP.Optional.OutBrowse | v2015.05.07.01 |
| McAfee | Artemis!85E6BAC3826B | 5600.6773 |
| MicroWorld eScan | MemScan:Application.Bundler.Outbrowse.K | 16.0.0.381 |
| Panda Antivirus | Trj/NsisDownloader.A | 15.05.07.01 |
| Qihoo 360 Security | Win32/Virus.Downloader.4f1 | 1.0.0.1015 |
| Quick Heal | TrojanDownloader.NSIS.OutBrowse.B | 5.15.14.00 |
| Reason Heuristics | Threat.Outbrowse.Bundler | 15.5.6.21 |
| Sophos | OutBrowse Revenyou | 4.98 |
| Total Defense | Win32/Tnega.MeQVDRC | 37.1.62.1 |
| Trend Micro House Call | TROJ_GEN.F47V1022 | 7.2.217 |
| Vba32 AntiVirus | Signed-Adware.Outbrowse | 3.12.26.3 |
| VIPRE Antivirus | Adware.Adpopup | 39522 |

File size:
613.2 KB (627,960 bytes)

Copyright:
© MixiDJ

Trademarks:
MixiDJ

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mixi.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
2/25/2013 4:00:00 PM

Valid to:
2/26/2014 3:59:59 PM

Subject:
CN=OutBrowse LTD, O=OutBrowse LTD, L=Ramat Gan, S=Ramat Gan, C=IL, SERIALNUMBER=514686914, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
06C1C2AE3E180ADDA27BBF2BD8EAC0E7

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:9yxVgFdpNYPW0C82suV43om/XioeJeZN97krl3Q2:9y3WNY3C82ENCKG3Q2

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Entropy:
7.9771

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)
