home

prtg.network.monitor.v12.2.1.1767-shock_secure.exe

PrivitizeVPN Installer

OOO

The application prtg.network.monitor.v12.2.1.1767-shock_secure.exe by OOO has been detected as adware by 15 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from privitize.com and multiple other hosts.
Publisher:
PrivitizeVPN  (signed by OOO )

Product:
PrivitizeVPN Installer

Version:
1.0.0.2

MD5:
006c09d6f3cb287f8659b97bb166bc6d

SHA-1:
97b0d5599b4c06c2e3a98c005e3e24b623ebeb47

SHA-256:
632cbe211227e2a3b9cc24a06c3153980dd0dab53707396ca7a7033a824055a0

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/25/2024 10:47:47 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
NSIS:Malware-gen [Trj]
2014.9-140411

Bkav FE
W32.Clodb11.Trojan
1.3.0.4613

Comodo Security
TrojWare.Win32.TrojanDropper.Agent.~ftb
17426

Dr.Web
Adware.Siggen.25598
9.0.1.0101

ESET NOD32
Win32/TopMedia
8.9164

Fortinet FortiGate
W32/DwnLdr.KJE!tr
4/11/2014

F-Prot
W32/Backdoor2.HMZO
v6.4.7.1.166

K7 AntiVirus
Trojan
13.174.10484

McAfee
Artemis!006C09D6F3CB
5600.7164

Reason Heuristics
PUP.Installer.OOO.i
14.4.11.3

Sophos
Troj/DwnLdr-KJE
4.95

Trend Micro House Call
TROJ_SPNR.08L312
7.2.101

Trend Micro
TROJ_SPNR.08L312
10.465.11

VIPRE Antivirus
Adware.Privitize
24280

XVirus List
Win32.Detected
2.4.11

File size:
1 MB (1,091,920 bytes)

Product version:
1.0.0.2

Copyright:
Copyright 2012

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\prtg.network.monitor.v12.2.1.1767-shock_secure.exe

Digital Signature
Signed by:
OOO

Authority:
COMODO CA Limited

Valid from:
8/1/2012 7:00:00 PM

Valid to:
8/2/2015 6:59:59 PM

Subject:
CN="OOO ""Industry""", O="OOO ""Industry""", STREET="Vsevolzhsky 2, bld. 2", L=Moscow, S=Moscow, PostalCode=119034, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D139BDA20096871840DCE08E6A80B6F0

File PE Metadata
Compilation timestamp:
12/5/2009 4:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:v5Tdh5CQFlC4aaE/GeMpIoM4NYv5dJlW5gQXsuQG:BvNFlbl5OB45gQV

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9853

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file prtg.network.monitor.v12.2.1.1767-shock_secure.exe has been seen being distributed by the following 26 URLs.

http://privitize.com/.../29_Dot_Net_Ebooks_Latest_2012_CSharp_WCF_WPF_ASP_etc?tag=bal

http://privitize.com/.../Age_of_Mythology_Gold_Edition?tag=blp

http://privitize.com/.../Microsoft_Office_2007_Enterprise_ _SP1_PT-BR_-_Zudefoque?tag=blp

http://privitize.com/.../Wiz_Khalifa_-_Cabin_Fever_2_[Album_-_2012]?tag=blp

http://privitize.com/.../Kid_with_the_Golden_Arm_(1979)_-_Shaw_Brothers_Celestial_Remaste?tag=blp

http://privitize.com/.../RPES_2013_vers._1.0?tag=blp

http://privitize.com/.../The_Sims_3:_High_End_Loft_Stuff_[FULL]_*_Games4theworld_*?tag=bal

http://privitize.com/.../Laleh_-_Sjung_[Album_-_2012]_{256_kbps}

http://privitize.com/.../All_books_of_House_of_night_Series?tag=blp

http://privitize.com/.../Savages_(2012)_UNRATED_WEBRIP_AC3_XVID_HS?tag=bal

http://privitize.com/.../X-Men.First.Class.2011.TRUE_FRENCH.R5.LD.XviD-ANONYM[L-S79]?tag=blp

http://privitize.com/.../Harry_Potter_Series_(epub_and_mobi)?tag=bal

http://privitize.com/.../Gad.Elmaleh.Papa.Est.En.Haut.2008.FRENCH.DVDRiP.XViD?tag=blp

http://privitize.com/.../Farming_Simulator_2009_v1.0_Crack?tag=blp

http://privitize.com/.../Step.Up.Revolution.2012.DVDRip.XviD-SPARKS?tag=blp

http://privitize.com/.../iPhone_3GS_Custom_Restore_Firmware_4.2.1_8C148a_ipsw?tag=blp

http://privitize.com/.../Microsoft_Flight_Simulator_X_Deluxe_(ISO)?tag=bal

http://privitize.com/.../The_Amazing_Spider_Man[2012]DVDRip_XviD-ETRG?tag=blp

http://privitize.com/.../Brave.2012.BluRay.1080p.x264.DTS AC3_LTT?tag=bal

http://privitize.com/.../Future-Astronaut_Status_(Official_Mixtape)-2012-DjLeak?tag=blp

http://privitize.com/.../Civilization_3_Complete_Edition?tag=bal

http://privitize.com/.../Back_to_Black_-_Instrumental_Version?tag=blp

http://privitize.com/.../_The_Elder_Scrolls_V_Skyrim_Update_v1.7.7.0.6_Incl._Dawnguard_DL?tag=bal

http://privitize.com/.../Downton_Abbey___(2011_-_Season_2_-_Complete)?tag=blp

http://privitize.com/.../Homeland_-_S02E01.avi

http://privitize.com/.../Homeland_S02E01_Season_2_Episode_1_HDTV_x264_ _Subtitles_[GlowGa

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.