poweriso_6.0.rar.exe

storage related database

Stanislav Kabin

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application poweriso_6.0.rar.exe by Stanislav Kabin has been detected as adware by 20 anti-malware scanners. It is built using the Crossrider cross-browser extension platform. While the file uses the Crossrider framework and delivery services, it is not owned by Crossrider.
Publisher:
to data of simple programs  (signed by Stanislav Kabin)

Product:
storage related database

Version:
4.6.0.0

MD5:
42baa50f146a58c0842f084e95dd569e

SHA-1:
857f5702a7039bf49a5f67676ae33221fb6d4088

SHA-256:
78bea2a36e511798e0cd84f1c1ada0b238997d6086725d31152e6235948627f6

Scanner detections:
20 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/25/2024 12:42:26 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Dropper.103 | 920 |
| Agnitum Outpost | PUA.MultiPlug | 7.1.1 |
| Avira AntiVirus | Adware/MultiPlug.aoa | 7.11.164.128 |
| avast! | Win32:PUP-gen [PUP] | 140617-1 |
| AVG | Generic_r | 2015.0.3398 |
| Bitdefender | Gen:Variant.Adware.Dropper.103 | 1.0.20.1050 |
| Dr.Web | Trojan.Crossrider.26696 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Dropper.103 | 8.14.07.29.06 |
| ESET NOD32 | Win32/AdWare.MultiPlug.AQ (variant) | 8.10172 |
| F-Secure | Gen:Variant.Adware.Dropper.103 | 11.2014-29-07_3 |
| G Data | Gen:Variant.Adware.Dropper.103 | 14.7.24 |
| IKARUS anti.virus | PUA.InstallRex | t3scan.1.6.1.0 |
| K7 AntiVirus | Adware | 13.181.12872 |
| Malwarebytes | PUP.Optional.MultiPlug | v2014.07.29.06 |
| McAfee | PUP-FMU | 5600.7054 |
| MicroWorld eScan | Gen:Variant.Adware.Dropper.103 | 15.0.0.630 |
| NANO AntiVirus | Trojan.Win32.Crossrider.dctamd | 0.28.2.61148 |
| Panda Antivirus | Trj/Genetic.gen | 14.07.29.06 |
| Reason Heuristics | PUP.StanislavKabin.O | 14.7.29.17 |
| VIPRE Antivirus | Threat.4150696 | 31208 |

File size:
789.9 KB (808,848 bytes)

Product version:
4.6.0.0

Copyright:
Copyright (c) 2014

Original file name:
and techniques hoc code the

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\poweriso_6.0.rar.exe

Digital Signature
Signed by:

Authority:
Unizeto Technologies S.A.

Valid from:
6/23/2014 5:28:15 AM

Valid to:
6/23/2015 5:28:15 AM

Subject:
E=Stanislav.Kabin@hotmail.com, CN=Stanislav Kabin, O=Stanislav Kabin, C=RU

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
3469022839E88D596EA6FE14C990AF76

File PE Metadata
Compilation timestamp:
7/24/2014 8:20:52 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:Sds0zW4ZA3c1M1J2vFMAufIf+pxAUZREd3OH:SdPW4ZA31v2vF9hdUZREdG

Entry address:
0x17DBE

Entry point:
E8, 9F, 7D, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, E8, DD, 42, 00, E8, FC, 0D, 00, 00, E8, 2E, 04, 00, 00, 0F, B7, F0, 6A, 02, E8, 32, 7D, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, F0, 45, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
7.7663  (probably packed)

Code size:
137.5 KB (140,800 bytes)
