» nhl 09 free download pc rar downloader__3687_i1051472796_il1565247.exe
Overview
Analysis
File Details
Downloads (1)

nhl 09 free download pc rar downloader__3687_i1051472796_il1565247.exe

KOMPANIYA КRЕАТА LLC

This is the Amonetize download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application nhl 09 free download pc rar downloader__3687_i1051472796_il1565247.exe by KOMPANIYA КRЕАТА has been detected as adware by 29 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

KOMPANIYA КRЕАТА LLC (signed and verified)

Version:

1.1.5.26

MD5:

25f4dbbce2ae3f2223a175fc62042dfe

SHA-1:

6b8e61f7d4b6bf2c5127d9c1cb568817cad1b536

SHA-256:

3e9958b9232334711bbdb25702f82adf899884ef855334f069595cb7414bbf71

Scanner detections:

29 / 68

Status:

Adware

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/24/2024 6:09:37 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Bundler.Amonetize.N

630

Agnitum Outpost

PUA.Amonetize

7.1.1

AhnLab V3 Security

PUP/Win32.Amonetiz

2015.05.03

avast!

Win32:PUP-gen [PUP]

2014.9-150515

AVG

Toolbar

2016.0.3108

Baidu Antivirus

Adware.Win32.Amonetize

4.0.3.15515

Bitdefender

Application.Bundler.Amonetize.N

1.0.20.675

Comodo Security

TrojWare.Win32.Amonetize.CJN

21978

Dr.Web

Adware.Downware.5913

9.0.1.0135

ESET NOD32

Win32/Amonetize.BI potentially unwanted (variant)

9.11566

Fortinet FortiGate

Adware/Amonetize

5/15/2015

F-Prot

W32/A-e6e0bf6a

v6.4.7.1.166

F-Secure

Application.Bundler.Amonetize

11.2015-15-05_6

G Data

Application.Bundler.Amonetize

15.5.25

K7 AntiVirus

Unwanted-Program

13.203.15785

Kaspersky

not-a-virus:AdWare.Win32.Amonetize

14.0.0.2037

McAfee

Artemis!25F4DBBCE2AE

5600.6764

MicroWorld eScan

Application.Bundler.Amonetize.N

16.0.0.405

NANO AntiVirus

Riskware.Win32.Amonetize.dchxoa

0.30.24.1357

nProtect

Trojan-Clicker/W32.Amonetize.351968

15.04.30.01

Panda Antivirus

Trj/CI.A

15.05.15.12

Quick Heal

PUA.Amonetize.A5

5.15.14.00

Reason Heuristics

PUP.Bundler.Amonetize

15.5.15.8

Sophos

Amonetize

4.98

Trend Micro House Call

TROJ_SPNR.08K414

7.2.135

Trend Micro

TROJ_SPNR.08K414

10.465.15

Vba32 AntiVirus

AdWare.Amonetize

3.12.26.3

VIPRE Antivirus

Amonetize

39892

Zillya! Antivirus

Adware.Amonetize.Win32.128

2.0.0.2164

File size:

343.7 KB (351,968 bytes)

Product version:

1.1.5.26

Original file name:

setup.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Amonetize Downloader

Common path:

C:\users\{user}\downloads\nhl 09 free download pc rar downloader__3687_i1051472796_il1565247.exe

Digital Signature

Signed by:

KOMPANIYA КRЕАТА LLC

Authority:

Thawte, Inc.

Valid from:

6/16/2014 3:00:00 AM

Valid to:

6/17/2015 2:59:59 AM

Subject:

CN=KOMPANIYA КRЕАТА LLC, O=KOMPANIYA КRЕАТА LLC, L=Kharkiv, S=Kharkiv, C=UA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

04CA5D77531C0E61E4DE2CB0E6E4B5B2

File PE Metadata

Compilation timestamp:

7/17/2014 8:03:00 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:kBieRGukt2xUBTBIIIjANN2D4M7as7hURHSA/bin3Pcm2UshJawgG:WvsN2xUBT4PD4MmSA+3km6/awgG

Entry address:

0x14C32

Entry point:

E8, E8, 5F, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 3C, 8E, 3F, 00, 00, 75, 18, E8, C8, 59, 00, 00, 6A, 1E, E8, 12, 58, 00, 00, 68, FF, 00, 00, 00, E8, 10, F6, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3, EB, 03, 33, C0, 40, 50, 6A, 00, FF, 35, 3C, 8E, 3F, 00, FF, 15... 
[+]

Code size:

116.5 KB (119,296 bytes)

The file nhl 09 free download pc rar downloader__3687_i1051472796_il1565247.exe has been seen being distributed by the following URL.

http://www.generaldownload.com/download.php?version=1.1.5.26&campid=3687&instid[appname]=Nhl 09 Free Download Pc Rar Downloader&instid[appsetupurl]=http://fastmediadownloads.com/download/Prompt-Downloader-1807922098.exe&instid[cmdline]=&instid[appimageurl]=http://.../logo.png&prefix=Nhl 09 Free Download Pc Rar Downloader&instid[interrupted]=http://.../?cancel&ti1=1807922098&instid[thankyoupage]=http://.../?success

Remove nhl 09 free download pc rar downloader__3687_i1051472796_il1565247.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.