» pppd.378.ai.sayama.jav.censored_10924_i31446475_il345.exe.zip
Overview
Analysis
File Details
Downloads (1)

pppd.378.ai.sayama.jav.censored_10924_i31446475_il345.exe.zip

The file pppd.378.ai.sayama.jav.censored_10924_i31446475_il345.exe.zip has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from downprov.red-2-small-button.com.

File name:

MD5:

f1098e7f21fbbe163f227d77c46bb171

SHA-1:

edbafbaed520452383538d0c946fff2feb99883f

SHA-256:

ca25b286791fe9cf21463f427dab24e1cb8505e686c65756b1b016bbc7090fec

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/3/2024 2:05:28 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Amonetize (M)

16.7.23.18

File size:

1.5 MB (1,563,072 bytes)

Common path:

C:\users\{user}\downloads\pppd.378.ai.sayama.jav.censored_10924_i31446475_il345.exe.zip

The file pppd.378.ai.sayama.jav.censored_10924_i31446475_il345.exe.zip has been seen being distributed by the following URL.

http://downprov.red-2-small-button.com/direct?version=1.1.8.22&campid=10924&instid[appname]=pppd.378.ai.sayama.jav.censored_Downloader&instid[appsetupurl]=http://go.bestsoftwarelive.com/getfast/download.cgi?9&ti1=1410000&ti2=0&ti3=62t3kv625bz3&instid[cmdline]=/S /PERFORMINSTALL /NORUN&instid[appimageurl]=http://download.bestsoftwarelive.com/d1/logo150x150.png&prefix=pppd.378.ai.sayama.jav.censored&instid[thankyoupage]=http://download.bestsoftwarelive.com/.../thank_you.php?ti1=1410000&ti2=0&ti3=62t3kv625bz3&parameter=pppd.378.ai.sayama.jav.censored&instid[interrupted]=http://download.bestsoftwarelive.com/.../interrupted.php?ti1=1410000&ti2=0&ti3=62t3kv625bz3&parameter=pppd.378.ai.sayama.jav.censored&ti1=1410000&ti2=0&ti3=62t3kv625bz3&_dest=files.red-3-small-button.com

Remove pppd.378.ai.sayama.jav.censored_10924_i31446475_il345.exe.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.