home

package_pcrossbrowser_installer_multilang.exe

pcrossbrowser

Tuto4PC.com

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application package_pcrossbrowser_installer_multilang.exe, “pcrossbrowser Setup ” by Tuto4PC.com has been detected as adware by 26 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer. It is also typically executed from the user's temporary directory.
Publisher:
Software   (signed by Tuto4PC.com)

Product:
pcrossbrowser

Description:
pcrossbrowser Setup

MD5:
ef04cd148e6bfce4d8370b5e7f085bc4

SHA-1:
ea04ca621dfc037b97828631b5a988262b9b99be

SHA-256:
6fab2fc9eb8ad78fb9170db6348c8ec4e8c586d0b3a2d53175f626e4f9ef3a0d

Scanner detections:
26 / 68

Status:
Adware

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
4/27/2024 2:18:58 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Eorezo.BZ
578

AhnLab V3 Security
Win-PUP/EoRezo
2015.04.10

Avira AntiVirus
ADWARE/EoRezo.Gen
3.6.1.96

avast!
Adware-ASG [PUP]
2014.9-150707

AVG
Generic
2016.0.3056

Baidu Antivirus
Adware.Win32.EoRezo
4.0.3.1577

Bitdefender
Adware.Eorezo.BZ
1.0.20.940

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.Downware.10601, Adware.Downware.9051
9.0.1.0188

Emsisoft Anti-Malware
Adware.Eorezo.BZ
8.15.07.07.04

ESET NOD32
Detection.Undefined
9.7.0.302.0

F-Secure
Adware.Eorezo.BZ
11.2015-07-07_3

G Data
Adware.Eorezo.BZ
15.7.25

K7 AntiVirus
Adware
13.202.15544

Malwarebytes
PUP.Optional.Tuto4PC.A
v2015.07.07.04

McAfee
Trojan.Artemis!8AAB6A34FC90
5600.6712

MicroWorld eScan
Adware.Eorezo.BZ
16.0.0.564

NANO AntiVirus
Riskware.Text.Text.dozbeo
0.30.10.952

Norman
Adware.Eorezo.BZ
11.20150707

nProtect
Adware.Eorezo.BZ
15.04.09.02

Panda Antivirus
PUP/Tuto4PC
15.07.07.04

Qihoo 360 Security
HEUR/QVM06.1.Malware.Gen
1.0.0.1015

Quick Heal
PUA.AdwareEorezo.DC8
7.15.14.00

Reason Heuristics
PUP.Eorezo.Tuto4PC.Bundler (M)
15.7.7.4

Trend Micro House Call
TROJ_GEN.R0C1B01D815
7.2.188

VIPRE Antivirus
Threat.4895339
38882

File size:
417.3 KB (427,352 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\package_pcrossbrowser_installer_multilang.exe

Digital Signature
Signed by:
Tuto4PC.com

Authority:
GlobalSign nv-sa

Valid from:
10/27/2014 5:32:39 AM

Valid to:
12/7/2015 8:27:40 AM

Subject:
E=contact@tuto4pc.com, CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-de-France, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214E18677190942D49073E30C52D17C351

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
6144:f/QiQPpCL6lhU7dXYwQfEyrF56nN4xXyVlcG40eAw38o85XOC8T/FUyKGpM9CIT1:XQiGpCn7dXYwEZrFMnrlcGpX98iR4o

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9205

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.