home

nilsat.rar.rar.exe

Just Accept

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application nilsat.rar.rar.exe by Just Accept has been detected as adware by 25 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. According to AVG, this software downloads additional adware offers during setup.
Publisher:
Just Accept  (signed and verified)

MD5:
55b3d9636882d56ee55d5dee96d494fb

SHA-1:
c84a39564ac71077f663bab41b2ac4769fc58937

SHA-256:
8d6106a97143d84febd7f3bcaf267089dfd8317ab6c9afd87f9df3c304c7a9e3

Scanner detections:
25 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/26/2024 3:14:28 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
MemScan:Application.Bundler.JU
6489972

Agnitum Outpost
PUA.OutBrowse
7.1.1

AhnLab V3 Security
Win-PUP/OutBrowse
2015.01.31

Avira AntiVirus
APPL/Outbrowse.Gen
7.11.206.0

AVG
Potentially harmful program Downloader.DEX
2014.0.4257

Bitdefender
MemScan:Application.Bundler.JU
1.0.20.150

Dr.Web
Trojan.OutBrowse.54
9.0.1.05190

Emsisoft Anti-Malware
MemScan:Application.Bundler.JU
9.0.0.4799

ESET NOD32
Win32/OutBrowse.BS potentially unwanted application
7.0.302.0

Fortinet FortiGate
W32/Agent.BS!tr
1/30/2015

F-Secure
Riskware.MemScan:Application.Bundler.JU
5.13.68

G Data
MemScan:Application.Bundler.JU
15.1.25

K7 AntiVirus
Unwanted-Program
13.193.14817

Kaspersky
not-a-virus:Downloader.NSIS.OutBrowse
15.0.0.543

Malwarebytes
PUP.Optional.OutBrowse
v2015.01.30.01

McAfee
Adware-OutBrowse.e
5600.6869

MicroWorld eScan
MemScan:Application.Bundler.JU
16.0.0.90

NANO AntiVirus
Trojan.Win32.OutBrowse.dmjuro
0.30.0.65070

Quick Heal
Downloader.NSIS.r5 (Not a Virus)
1.15.14.00

Reason Heuristics
PUP.JustAccept
15.1.30.13

Sophos
PUA 'OutBrowse Revenyou'
5.10

Trend Micro House Call
TROJ_GE.8D700EFD
7.2.30

Trend Micro
TROJ_GE.8D700EFD
10.465.30

Vba32 AntiVirus
Downloader.OutBrowse
3.12.26.3

VIPRE Antivirus
Threat.4150696
36694

File size:
582.4 KB (596,336 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\programs\nilsat.rar.rar.exe

Digital Signature
Signed by:
Just Accept

Authority:
GlobalSign nv-sa

Valid from:
11/11/2014 10:11:12 AM

Valid to:
11/12/2015 10:11:12 AM

Subject:
CN=Just Accept, O=Just Accept, L=Dublin, C=IE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112140B0F5C56686295F63DE0A97ABB5EC76

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:IUJF5yE0g7DDtvyJEF2If/ZqlZD1J6N6gEI+0Frd:IUJF5ySnt6XcUbD1fqp

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Remove nilsat.rar.rar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.