» monopoly deluxe.exe
Overview
Analysis
File Details
Network (2)

monopoly deluxe.exe

Monopoly Deluxe

Apps Installer S.L.

This is the Solimba installer program that will bundle additional offers mostly including adware and various unwanted PC utilities. The application monopoly deluxe.exe, “Monopoly Deluxe AppInstaller” by Apps Installer S.L has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.

File name:

monopoly deluxe.exe

Publisher:

Apps Installer S.L. (signed and verified)

Product:

Monopoly Deluxe

Description:

Monopoly Deluxe AppInstaller

Version:

3.0.16.0

MD5:

d6636f0a6ec23057eca5745170590962

SHA-1:

fcab595f6beffe3e1f1f98916218a8e75da2694c

SHA-256:

5fffb75805a56ecb1a7153304036eee57e5a50d6aaed1e11cf6222b9d6673152

Scanner detections:

19 / 68

Status:

Adware

Explanation:

This is a wrapped installation of legitimate software (without persmission of the developer) and bundles adware such as toolbars and extensions.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/26/2024 6:03:11 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Solimba

7.1.1

Avira AntiVirus

APPL/Solimba.Gen

7.11.188.58

avast!

Solimba-C [PUP]

141119-1

AVG

Bechiro SL

2015.0.3282

Baidu Antivirus

Adware.Win32.Fiseria

4.0.3.141122

Comodo Security

Application.Win32.Solimba.GW

20164

Dr.Web

Adware.Downware.1125

9.0.1.05190

ESET NOD32

MSIL/Solimba potentially unwanted application

7.0.302.0

Fortinet FortiGate

Adware/Solimba

11/22/2014

K7 AntiVirus

Unwanted-Program

13.185.14098

Kaspersky

not-a-virus:AdWare.Win32.Fiseria

15.0.0.543

Malwarebytes

PUP.Optional.Solimba

v2014.11.22.04

NANO AntiVirus

Riskware.Win32.Downware.daewlr

0.28.6.63474

Panda Antivirus

Adware/Solimba

14.11.22.04

Reason Heuristics

PUP.Installer.AppsInstallerSL.P

14.11.22.15

Sophos

Solimba Installer

4.98

SUPERAntiSpyware

Adware.Solimba/Variant

10222

Vba32 AntiVirus

Signed-Downware.Morstar.AppsInstallerSL

3.12.26.3

VIPRE Antivirus

Threat.4782980

35010

File size:

271.6 KB (278,072 bytes)

AppInstaller 2013 (132050214)

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Solimba DownloadMR

Common path:

C:\users\{user}\downloads\monopoly deluxe.exe

Digital Signature

Signed by:

Apps Installer S.L.

Authority:

Thawte, Inc.

Valid from:

2/19/2013 12:00:00 AM

Valid to:

2/19/2015 11:59:59 PM

Subject:

CN=Apps Installer S.L., O=Apps Installer S.L., L=Barcelona, S=Barcelona, C=ES

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

323F44D66AEF890F43C32CFD743A4AD0

File PE Metadata

Compilation timestamp:

2/19/2012 3:01:49 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

6144:CsaocyLCgeqUb0h534mymWidi44RU1jd/S/b3XTm:CtobbeqUopya4ina/b3jm

Entry address:

0x4327

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, 93, 42, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, 94, 42, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, 94, 42, 00, 56, A3, 40, 7B, 42, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 7B, 42, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, 94, 42, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7... 
[+]

Code size:

34.5 KB (35,328 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to cdn.solimba.com (95.211.6.35:80)

TCP (HTTP):

Connects to api.downloadmr.com (95.211.39.161:80)

http://api.downloadmr.com/installer/42006837/launch

Remove monopoly deluxe.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.