» muziek bewerken lp cassttesound forge pro.exe
Overview
Analysis
File Details

muziek bewerken lp cassttesound forge pro.exe

FIRSERIA, S.L.

The setup program uses the Firseria/Solimba AppInstaller (DownloadMR) which is a monetization download manager that bundles additional adware offers, typically by wrapping legitimate applications. The application muziek bewerken lp cassttesound forge pro.exe by FIRSERIA, S.L has been detected as adware by 8 anti-malware scanners. The program is a setup application that uses the Solimba DownloadMR installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.

File name:

Publisher:

Firser (signed by FIRSERIA, S.L.)

Description:

Installer

Version:

1.0.0.4

MD5:

6941e7db085c2a83fd6d20b5cf3f59a8

SHA-1:

a0703c4f1416b582a23740e3f9b86b8d459014a5

SHA-256:

7751a400f9a5a313449f939ac4a0806964e1a361f6f4efb3546a784cbf8276d7

Scanner detections:

8 / 68

Status:

Adware

Explanation:

Uses the Solimba installer to bundle adware offers.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/25/2024 11:17:20 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Crypt.ULPM.Gen

7.11.98.212

Dr.Web

Adware.Downware.1433

9.0.1.0239

ESET NOD32

Win32/FirseriaInstaller (variant)

9.8739

herdProtect (fuzzy)

variant of install.exe (Adware)

2015.8.27.6

IKARUS anti.virus

Virus.Win32.Cryptor

t3scan.2.0.127

Malwarebytes

PUP.Optional.Solimba.mr

v2015.08.27.06

Reason Heuristics

PUP.Solimba.FIRSERIA.Bundler (M)

15.7.25.14

VIPRE Antivirus

DownloadMR

20978

File size:

228.8 KB (234,296 bytes)

Product version:

1.0.0.4

Original file name:

install.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Solimba DownloadMR

Digital Signature

Signed by:

FIRSERIA, S.L.

Authority:

Thawte, Inc.

Valid from:

7/24/2013 2:00:00 AM

Valid to:

7/25/2014 1:59:59 AM

Subject:

CN="FIRSERIA, S.L.", OU=IT, O="FIRSERIA, S.L.", L=Badalona, S=Barcelona, C=ES

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

73C4780FAC0CD497B0778732FB8AF673

File PE Metadata

Compilation timestamp:

8/26/2013 5:09:33 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:GAmIhgpYy4c2+keFKEK7kmR/qszYX1932QVTH3jRVI6a:GVIhgpYR+keoAmRCsm9Zs

Entry address:

0x58CD0

Entry point:

60, BE, 00, 60, 42, 00, 8D, BE, 00, B0, FD, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B... 
[+]

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

204 KB (208,896 bytes)

Remove muziek bewerken lp cassttesound forge pro.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.