» nitro pro 9.0.3.2 full serial keygen.exe
Overview
Analysis
File Details
Network (1)

nitro pro 9.0.3.2 full serial keygen.exe

Ivan Manov

This is a WebPick installer that bundles (with very minimal user consent) a number of adware browser extensions which inject ads in the browser. The application nitro pro 9.0.3.2 full serial keygen.exe, “Installer for AppSnow” by Ivan Manov has been detected as adware by 29 anti-malware scanners. The program is a setup application that uses the WebPick InstalleRex (Tarma) installer. The setup program uses Web-Pick's InstalleRex download manager and installer to bundle potentially unwanted ad-supported software which includes toolbars and browser extensions through a pay-per-install monetization scheme.

File name:

Publisher:

AppSnow (signed by Ivan Manov)

Product:

AppSnow

Description:

Installer for AppSnow

Version:

2014.6.19.1201

MD5:

295c5f1a636523c0cfffcfee345ba913

SHA-1:

df52444f2084c845a3acf7b98bfa4565b9e8f24c

SHA-256:

3b6d98814f7172883f32e895dc2e5cf7df77d8793f11259d73a7415cc335ad4b

Scanner detections:

29 / 68

Status:

Adware

Explanation:

Uses the InstalleRex from WebPick Internet Holdings to install bundled add-ons including toolbars and other web browser extensions.

Analysis date:

4/26/2024 4:48:43 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Bundler.R

836

Agnitum Outpost

Trojan.AntiFW

7.1.1

AhnLab V3 Security

PUP/Win32.TSULoader

2014.10.22

Avira AntiVirus

TR/Agent.BDPS

7.11.180.122

avast!

Win32:InstalleRex-CE [PUP]

141003-0

AVG

Generic

2015.0.3314

Bitdefender

Application.Bundler.R

1.0.20.1475

Bkav FE

W32.FamVT.AntiFWK.Trojan

1.3.0.4959

Comodo Security

Application.Win32.InstallRex.R

19871

Dr.Web

Trojan.WebPick.2654

9.0.1.05190

Emsisoft Anti-Malware

Application.Bundler.R

14.10.22

ESET NOD32

Win32/InstalleRex.M potentially unwanted application

7.0.302.0

Fortinet FortiGate

Riskware/Generic.AC.4161048

10/22/2014

F-Prot

W32/InstallRex.B.gen

v6.4.7.1.166

F-Secure

Application.Bundler.R

11.2014-22-10_4

G Data

Application.Bundler

14.10.24

K7 AntiVirus

Unwanted-Program

13.184.13741

Kaspersky

Trojan.Win32.AntiFW

15.0.0.494

Malwarebytes

PUP.Optional.InstalleRex

v2014.10.22.06

McAfee

PUP-FHQ

5600.6970

MicroWorld eScan

Application.Bundler.R

15.0.0.885

NANO AntiVirus

Riskware.Win32.InfoLeak.cvgqot

0.28.2.62841

Qihoo 360 Security

Malware.QVM20.Gen

1.0.0.1015

Quick Heal

Trojan.AntiFW.A5

10.14.14.00

Reason Heuristics

Adware.WebPick.Installer.b

14.10.22.5

Sophos

InstallRex

4.98

Vba32 AntiVirus

Downware.TSU

3.12.26.3

VIPRE Antivirus

Threat.4150696

33706

Zillya! Antivirus

Trojan.AntiFW.Win32.349

2.0.0.1962

File size:

318.7 KB (326,336 bytes)

Product version:

1.0.0.3

Original file name:

TSULoader.exe

File type:

Executable application (Win32 EXE)

Installer:

WebPick InstalleRex (Tarma)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\nitro pro 9.0.3.2 full serial keygen.exe

Digital Signature

Signed by:

Ivan Manov

Authority:

COMODO CA Limited

Valid from:

9/23/2013 3:00:00 AM

Valid to:

9/24/2014 2:59:59 AM

Subject:

CN=Ivan Manov, O=Ivan Manov, STREET=Irininskaya 18, L=Kiev, S=Kiev, PostalCode=01034, C=UA

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

0098D22F2CDEFA00AA1A318F6903533F2B

File PE Metadata

Compilation timestamp:

3/12/2013 11:51:45 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

6144:Fr5bUzkuvcBYC47l2xGUIWhDcFHgO4nIcsKY3SLiZ:FrqkuveY3EdDcNgtIrKY3i6

Entry address:

0x14DB

Entry point:

55, 8B, EC, 81, EC, 2C, 06, 00, 00, 53, 56, 33, DB, 57, 66, 89, 9D, DC, FB, FF, FF, 89, 5D, F4, 89, 5D, FC, FF, 15, 74, 30, 40, 00, A3, 08, 44, 40, 00, FF, 15, 70, 30, 40, 00, 8B, F8, 8D, 45, EC, 50, FF, 15, 6C, 30, 40, 00, FF, 15, 68, 30, 40, 00, 8B, F0, F7, D6, 33, F7, FF, 15, 64, 30, 40, 00, 33, F0, 8B, 45, F0, 33, 45, EC, 68, 04, 01, 00, 00, 33, F0, 8D, 85, D4, F9, FF, FF, 50, 53, FF, 15, 60, 30, 40, 00, 85, C0, 75, 41, FF, 15, 5C, 30, 40, 00, 83, F8, 78, 75, 1A, 68, A8, 32, 40, 00, E8, 43, FB, FF, FF... 
[+]

Entropy:

7.9414

Developed / compiled with:

Microsoft Visual C++

Code size:

7.5 KB (7,680 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to r1.stylezip.info (54.186.255.26:80)

Remove nitro pro 9.0.3.2 full serial keygen.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.