+msman4y.exe

Plugin Update SL

This is the Softpulse installer, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The file +msman4y.exe by Plugin Update SL has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. It is typically executed from the user's temporary directory.

Publisher:
Plugin Update SL  (signed and verified)

MD5:
ee36a70c7f9ab60bc7379050e8a8d7b4

SHA-1:
7fbc4dc968380cbfecce97817d1aa5fff6c18f7e

SHA-256:
e610ee6a058e63281810d8bc8f2f895abe645decf68efe32bd523edac3b7bca6

Scanner detections:
24 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/19/2024 9:07:49 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Zusy.107390 | 865 |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.DomaIQ | 2014.09.23 |
| Avira AntiVirus | Adware/Softpulse.107390 | 7.11.173.208 |
| avast! | Win32:SoftPulse-AH [PUP] | 2014.9-140922 |
| AVG | Generic | 2015.0.3343 |
| Bitdefender | Gen:Variant.Adware.Zusy.107390 | 1.0.20.1325 |
| Clam AntiVirus | Win.Adware.Agent-11309 | 0.98/19413 |
| Dr.Web | Trojan.MulDrop5.40191 | 9.0.1.0265 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Zusy.107390 | 8.14.09.22.01 |
| ESET NOD32 | Win32/SoftPulse (variant) | 8.10448 |
| F-Secure | Gen:Variant.Adware.Zusy.107390 | 11.2014-22-09_2 |
| G Data | Gen:Variant.Adware.Zusy.107390 | 14.9.24 |
| herdProtect (fuzzy) | | 2014.12.4.16 |
| Malwarebytes | PUP.Optional.DomaIQ | v2014.09.22.01 |
| McAfee | Socrydo | 5600.6999 |
| MicroWorld eScan | Gen:Variant.Adware.Zusy.107390 | 15.0.0.795 |
| NANO AntiVirus | Riskware.Win32.SoftPulse.dfhrtw | 0.28.2.62286 |
| Norman | SoftPulse.H | 11.20140922 |
| Panda Antivirus | Trj/Genetic.gen | 14.12.04.11 |
| Reason Heuristics | PUP.PluginUpdateSL.M | 14.9.22.10 |
| Sophos | SoftPulse | 4.98 |
| Vba32 AntiVirus | BScope.Adware.Softpulse | 3.12.26.3 |
| VIPRE Antivirus | Threat.4150696 | 32938 |

File size:
1.3 MB (1,382,240 bytes)

Bundler/Installer:
Softpulse SoftwareBundler

Common path:
C:\users\{user}\appdata\local\temp\+msman4y.exe.part

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/12/2014 2:00:00 AM

Valid to:
6/13/2015 1:59:59 AM

Subject:
CN=Plugin Update SL, O=Plugin Update SL, STREET=Calle el Pozo 17B, L=Adeje, S=Santa Cruz de Tenerife, PostalCode=38670, C=ES

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
71187DCE449010F93A5F7196C11AB192

File PE Metadata
Compilation timestamp:
9/19/2014 9:40:09 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:IOiZzDXGLFP53UG7bL1HohIE6BvRx0GOb/4+a0q3bhAqtxe9gB:hi1DWLFP53UGe76x0ZUphdtRB

Entry address:
0x6BFA

Entry point:
E8, FF, 3C, 00, 00, E9, 7F, FE, FF, FF, E9, 0F, 00, 00, 00, 3B, 0D, 90, 90, 46, 00, 75, 02, F3, C3, E9, FA, 43, 00, 00, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 10, A9, 46, 00, FF, 15, 68, 50, 41, 00, 85, C0, 75, 18, 56, E8, 03, 45, 00, 00, 8B, F0, FF, 15, B8, 50, 41, 00, 50, E8, 08, 45, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74, 32, F7...
 
Code size:
78 KB (79,872 bytes)
