option+file+tugavicio.rar_10924_i65733279_il345.exe

A4 TOV

The application option+file+tugavicio.rar_10924_i65733279_il345.exe by A4 TOV has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
A4 TOV  (signed and verified)

Description:
Setup/Uninstall

Version:
51.49.0.0

MD5:
aa41a697c578b13ad8ddafe55dc5aa85

SHA-1:
67544fdc800d5e4f574bea0cceba9bcc9e64bd16

SHA-256:
6a43421ede2f3b7373c4117b78ef230121c408fde649045dcbf94e3dd62bc7be

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/12/2024 9:08:07 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.Amonetize (M)

Engine version:
17.2.21.11

File size:
1.5 MB (1,589,728 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\option+file+tugavicio.rar_10924_i65733279_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/17/2015 2:00:00 AM

Valid to:
9/17/2016 1:59:59 AM

Subject:
CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata
Compilation timestamp:
9/30/2015 3:32:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1FBAFF

Entry point:
68, 1F, 6F, CE, 77, E8, 66, C7, FF, FF, 00, 00, 00, 46, 6C, 75, 73, 68, 46, 69, 6C, 65, 42, 75, 66, 66, 65, 72, 73, 00, 00, 00, 00, 53, 65, 74, 48, 61, 6E, 64, 6C, 65, 43, 6F, 75, 6E, 74, 00, 00, 00, 00, 53, 68, 65, 6C, 6C, 45, 78, 65, 63, 75, 74, 65, 57, 00, 2A, 5A, 2A, 91, 24, A6, 89, 9A, EC, 0C, 08, E1, D0, 5D, 5A, 38, 24, 7C, 57, A2, 10, 03, 4F, 67, 4E, 5B, 02, 52, 7E, B9, EC, 5D, 4C, 6D, EE, 62, EE, F6, 29, 14, BC, A4, A4, 40, 46, AC, E3, 27, DB, 9E, 03, B6, 24, 1E, BD, 3A, 53, 93, 9A, 34, 7E, 50, A2...
 

Code size:
1.5 MB (1,577,984 bytes)