» non confirmé 665658.crdownload
Overview
Analysis
File Details

non confirmé 665658.crdownload

Spincommand

This adware bundler is distributed through Adknowledge's advertising supported software managers. The file non confirmé 665658.crdownload, “Swift Installer ” by Spincommand has been detected as adware by 28 anti-malware scanners. The program is a setup application that uses the Adknowledge Fusion installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.

File name:

Publisher:

Swift Installer (signed by Spincommand)

Product:

Swift Installer

Description:

Swift Installer

Version:

2.4.8.1

MD5:

efd471f9952c9856585a7676cb23e6ef

SHA-1:

7e52b7d64d39e1734a5edfa5061c1b293fdc5087

SHA-256:

dcaf0fb22c03903a7e4afe1931aa951e6ab68ec94bc6ba731c8a05f5c0e2c692

Scanner detections:

28 / 68

Status:

Adware

Explanation:

This installer bundles various adware prorgams that may include toolbars and web browser advertising injectors/extensions.

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/27/2024 6:30:14 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Bundler.35

6414176

AhnLab V3 Security

PUP/Win32.IBryte

2015.02.11

Avira AntiVirus

ADWARE/Adware.Gen7

7.11.209.48

avast!

Win32:Downloader-VSG [PUP]

150203-1

AVG

Adware AdPlugin.CAT

2014.0.4257

Bitdefender

Gen:Variant.Application.Bundler.35

1.0.20.205

Clam AntiVirus

Win.Adware.Ibryte-7214

0.98/21511

Comodo Security

Application.Win32.Ibryte.KS

21030

Dr.Web

Trojan.DownLoader11.54006

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Application.Bundler.35

9.0.0.4799

ESET NOD32

Win32/Adware.iBryte.BY application

7.0.302.0

F-Prot

W32/S-4a14a543

v6.4.7.1.166

F-Secure

Riskware.Gen:Variant.Application.Bundler

5.13.68

G Data

Gen:Variant.Application.Bundler.35

15.2.25

IKARUS anti.virus

Trojan-Downloader.Win32.Injecter

t3scan.1.8.6.0

K7 AntiVirus

Unwanted-Program

13.194.14927

Kaspersky

not-a-virus:AdWare.Win32.iBryte

15.0.0.543

Malwarebytes

PUP.Optional.IBryte

v2015.02.10.02

McAfee

Program.IBryte-FSO

16.8.708.2

MicroWorld eScan

Gen:Variant.Application.Bundler.35

16.0.0.123

NANO AntiVirus

Trojan.Win32.IBryte.dkpjxa

0.30.0.65070

Norman

IBryte.URL

11.20150210

nProtect

Trojan-Clicker/W32.iBryte.314744

15.02.10.01

Panda Antivirus

Trj/Genetic.gen

15.02.10.02

Reason Heuristics

PUP.Installer.Adknowledge

15.2.10.13

Vba32 AntiVirus

AdWare.iBryte

3.12.26.3

VIPRE Antivirus

Threat.4798837

36694

Zillya! Antivirus

Adware.iBryte.Win32.4462

2.0.0.2061

File size:

307.4 KB (314,744 bytes)

Product version:

2.4.8.1

Bundler/Installer:

Adknowledge Fusion

Language:

English (United States)

Common path:

C:\users\{user}\downloads\non confirmé 665658.crdownload

Digital Signature

Signed by:

Spincommand

Authority:

COMODO CA Limited

Valid from:

7/14/2014 2:00:00 AM

Valid to:

7/15/2015 1:59:59 AM

Subject:

CN=Spincommand, O=Spincommand, STREET=4600 Madison Ave FL 10, L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00F49870F5D3FA7D981D0069DE3D2EBBC7

File PE Metadata

Compilation timestamp:

12/20/2014 11:00:33 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:gLJ0320ArOr+H5B9RZmAaQUv9DPk92lAB:+wmA+v9RMAaQUv9y2q

Entry address:

0x15DA3

Entry point:

E8, CC, 8C, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, 68, 10, 5E, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 9C, 55, 43, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, 9C... 
[+]

Code size:

161 KB (164,864 bytes)

Remove non confirmé 665658.crdownload - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.