pitch.perfect.2.movie.english.2015 1080p bluray h264.ac3 5 1 badassme_10924_i9575820_il345.exe

Runner Utility

BERSHNET LLC

The application pitch.perfect.2.movie.english.2015 1080p bluray h264.ac3 5 1 badassme_10924_i9575820_il345.exe by BERSHNET has been detected as adware by 31 anti-malware scanners. It is a setup program used to install the application. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented depend on the PC's geo-location at the time of install. The file has been seen being downloaded from files.red-2-small-button.com.
Publisher:
Dummy, Ltd.  (signed by BERSHNET LLC)

Product:
Runner Utility

Version:
1.0.0.187

MD5:
916baddd947eef4ff5cec66d525970ec

SHA-1:
60611495f80a3e3148c101acf7ac6bbe6a696313

SHA-256:
01b54593ba3d2d16f3fd3cb2ee1dcb3c45c8691445613172ba086d6c72ce39d4

Scanner detections:
31 / 68

Status:
Adware

Analysis date:
5/1/2024 10:08:59 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Application.Jatif.320 | 599 |
| Agnitum Outpost | PUA.Downloader | 7.1.1 |
| AhnLab V3 Security | Win32/Palevo1.worm.Gen | 2015.06.13 |
| Avira AntiVirus | ADWARE/Amonetize.Gen7 | 8.3.1.6 |
| Arcabit | Trojan.Application.Jatif.320 | 1.0.0.425 |
| avast! | Win32:Amonetize-JO [PUP] | 2014.9-150615 |
| AVG | Win32/Heur | 2016.0.3077 |
| Baidu Antivirus | PUA.Win32.Dlhelper | 4.0.3.15615 |
| Bitdefender | Gen:Variant.Application.Jatif.320 | 1.0.20.830 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | Application.Win32.LoadMoney.IARS | 22431 |
| Dr.Web | Trojan.Amonetize | 9.0.1.0166 |
| ESET NOD32 | Win32/Amonetize.DW potentially unwanted (variant) | 9.11779 |
| Fortinet FortiGate | Riskware/Agent | 6/15/2015 |
| F-Prot | W32/S-53544127 | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Application.Jatif | 11.2015-15-06_2 |
| G Data | Gen:Variant.Application.Jatif.320 | 15.6.25 |
| K7 AntiVirus | Unwanted-Program | 13.205.16231 |
| Kaspersky | not-a-virus:Downloader.Win32.Agent | 14.0.0.1880 |
| Malwarebytes | PUP.Optional.Amonetize | v2015.06.15.10 |
| McAfee | Artemis!916BADDD947E | 5600.6733 |
| MicroWorld eScan | Gen:Variant.Application.Jatif.320 | 16.0.0.498 |
| NANO AntiVirus | Trojan.Win32.Agent.drxmep | 0.30.24.2086 |
| Panda Antivirus | Trj/Genetic.gen | 15.06.15.10 |
| Qihoo 360 Security | HEUR/QVM16.0.Malware.Gen | 1.0.0.1015 |
| Quick Heal | PUA.Bershnetll.Gen | 6.15.14.00 |
| Reason Heuristics | PUP.BERSHNET | 15.6.15.18 |
| Sophos | Amonetize | 4.98 |
| Trend Micro House Call | TROJ_GEN.R03FC0VEQ15 | 7.2.166 |
| Trend Micro | TROJ_GEN.R03FC0VEQ15 | 10.465.15 |
| VIPRE Antivirus | Amonetize | 41080 |

File size:
1.4 MB (1,495,568 bytes)

Product version:
1.0.0.187

Copyright:
Copyright (C) 2013

Original file name:
runner.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\pitch.perfect.2.movie.english.2015 1080p bluray h264.ac3 5 1 badassme_10924_i9575820_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/5/2015 7:00:00 PM

Valid to:
2/6/2016 6:59:59 PM

Subject:
CN=BERSHNET LLC, O=BERSHNET LLC, STREET="st. 600-richya b.66, of.10", L=Vinnitsya, S=Vinnitskaya, PostalCode=21027, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E2D6C6F8DDF832E09DCF766B299AD2A9

File PE Metadata
Compilation timestamp:
5/18/2015 2:03:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
24576:NhszzXpgSDhiREapnjsgvUSADSxVpzG3Bs4a5h7dXGjbtqeW6f2P5yVv:PshgSDqpj/UAn4s4aXdXYbtqepf2Eh

Entry address:
0x267E42

Entry point:
0F, 86, 5B, 0F, 15, 00, 60, 60, C7, 44, 24, 3C, 66, 30, 6E, 5B, 68, EA, E9, 7C, AE, E8, DB, 90, 15, 00, F9, 79, A4, D8, 7D, BF, 7D, B5, 6B, CA, CE, BA, DA, CF, BF, FA, E7, F4, DF, 02, 4B, E1, 4C, E0, F1, E2, FD, D4, 15, 9E, A7, A5, 94, C8, 79, D3, 66, A6, 96, 57, E5, CC, 88, A0, BD, 47, DA, FB, 70, 96, EA, C1, C0, 68, 3B, FE, 2F, D0, 4B, DA, 96, 92, AF, 6C, B5, 67, C5, 08, CC, E3, 6E, 7E, 6B, D0, 58, D9, 63, 2B, 44, E8, 20, 10, 38, 02, 6B, 86, 69, 5D, 5B, 21, 0B, 28, C3, EA, B5, 04, FF, 85, 73, C0, 84, 7D...
 

Entropy:
7.9933  (probably packed)

Code size:
187.5 KB (192,000 bytes)

The file pitch.perfect.2.movie.english.2015 1080p bluray h264.ac3 5 1 badassme_10924_i9575820_il345.exe has been seen being distributed by the following URL.