home

numbergenerator_setup.exe

Rspark LLC

This is the OutBrowse Revenyou installer which bundles offers for additional third party applications that may be unwanted and installed without consent. The application numbergenerator_setup.exe by Rspark has been detected as adware by 24 anti-malware scanners. The program is a setup application that uses the OutBrowse Revenyou installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Rspark LLC  (signed and verified)

MD5:
9be52a9c3e1c9976aadccb15a4a5a294

SHA-1:
7785bc7801806adcb634a4d68d5ed513a27e8508

SHA-256:
950e45e9ea8c7dfdde009f4fd6a45224023171bef39ede2e72ea0f7d0fe5ed03

Scanner detections:
24 / 68

Status:
Adware

Explanation:
Bundles additional adware offers during download and installation using the OutBrowse installer.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/25/2024 11:45:01 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
MemScan:Application.Bundler.Outbrowse.E
599

Agnitum Outpost
PUA.OutBrowse
7.1.1

Avira AntiVirus
PUA/Outbrowse.Gen
8.3.1.6

Arcabit
Application.Bundler.Outbrowse.E
1.0.0.425

avast!
OutBrowse-H [PUP]
150602-1

AVG
Generic
2016.0.3077

Bitdefender
MemScan:Application.Bundler.Outbrowse.E
1.0.20.830

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Downware.3933
9.0.1.05190

Emsisoft Anti-Malware
MemScan:Application.Bundler.Outbrowse
10.0.0.5366

ESET NOD32
Win32/OutBrowse.R potentially unwanted application
7.0.302.0

Fortinet FortiGate
Riskware/OutBrowse
6/15/2015

F-Prot
W32/OutBrowse.B (exact, not disinfectable)
4.6.5.141

F-Secure
Riskware.MemScan:Application.Bundler.Outbrowse
5.14.151

G Data
MemScan:Application.Bundler.Outbrowse
15.6.25

Malwarebytes
PUP.Optional.OutBrowse.A
v2015.06.15.06

McAfee
Program.Adware-OutBrowse
17.6.569.0

MicroWorld eScan
MemScan:Application.Bundler.Outbrowse.E
16.0.0.498

NANO AntiVirus
Riskware.Raw.OutBrowse.dbpywt
0.30.24.2086

Norman
MemScan:Application.Bundler.Outbrowse.E
02.06.2015 14:23:46

Quick Heal
PUA.Rsparkllc.Gen
6.15.14.00

Reason Heuristics
PUP.Outbrowse.Bundler
15.6.15.18

Vba32 AntiVirus
Downloader.Agent
3.12.26.4

VIPRE Antivirus
Threat.4784459
40824

File size:
975.5 KB (998,888 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
OutBrowse Revenyou (using Nullsoft Install System)

Digital Signature
Signed by:
Rspark LLC

Authority:
DigiCert Inc

Valid from:
11/25/2013 1:00:00 AM

Valid to:
1/26/2015 1:00:00 PM

Subject:
CN=Rspark LLC, O=Rspark LLC, L=Seattle, S=Washington, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0ADE80060D1D9FFF62ADB2CF331C657C

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:ikHXdyZNrNF/4lgGhpwJxmntY1VKc9IsTELQ74Bcy:RHXc3BqXp6fScKsILqly

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9251

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Remove numbergenerator_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.