» ps4 emus v.1.2.0 installer.exe
Overview
Analysis
File Details

ps4 emus v.1.2.0 installer.exe

Stepan Rybin

The is the installer for the WebPick InstalleRex download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The application ps4 emus v.1.2.0 installer.exe by Stepan Rybin has been detected as adware by 23 anti-malware scanners. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

Publisher:

Stepan Rybin (signed and verified)

MD5:

b0425a1ec326f8691a905b0b5f2e143f

SHA-1:

6cd538409aa7b3ddb92587fcade54f93ab336e9c

SHA-256:

45e29213ce68904b8f6c6fca3b7c7a4d4efc1e7225806b980be9b28cf086250e

Scanner detections:

23 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/19/2024 1:04:18 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.MultiPlug.IE

675

AhnLab V3 Security

PUP/Win32.MultiPlug

2015.04.01

Avira AntiVirus

PUA/Multiplug.aoa

3.6.1.96

avast!

Win32:Adware-gen [Adw]

2014.9-150401

AVG

Generic6

2016.0.3153

Bitdefender

Adware.MultiPlug.IE

1.0.20.455

Bkav FE

W32.HfsAdware

1.3.0.6379

Dr.Web

Trojan.Crossrider1.22656

9.0.1.091

Emsisoft Anti-Malware

Adware.MultiPlug.IE

8.15.04.01.12

ESET NOD32

Win32/Adware.MultiPlug.GX (variant)

9.11404

Fortinet FortiGate

Riskware/MultiPlug

4/1/2015

F-Secure

Adware.MultiPlug.IE

11.2015-01-04_4

G Data

Adware.MultiPlug.IE

15.4.25

K7 AntiVirus

Unwanted-Program

13.202.15438

Kaspersky

not-a-virus:AdWare.Win32.MultiPlug

14.0.0.2260

MicroWorld eScan

Adware.MultiPlug.IE

16.0.0.273

nProtect

Adware.MultiPlug.IE

15.03.31.01

Panda Antivirus

PUP/TSUploader

15.04.01.12

Quick Heal

Adware.Multiplug.D6

4.15.14.00

Reason Heuristics

PUP.WebPick

15.3.31.22

Sophos

MultiPlug

4.98

Vba32 AntiVirus

suspected of Heur.Malware-Cryptor.Multiplug

3.12.26.3

VIPRE Antivirus

Threat.4753027

38552

File size:

452.7 KB (463,560 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\ProgramData\{db086374-159b-1428-db08-863741598dd0}\ps4 emus v.1.2.0 installer.exe

Digital Signature

Signed by:

Stepan Rybin

Authority:

Unizeto Technologies S.A.

Valid from:

6/27/2014 9:37:40 AM

Valid to:

6/27/2015 9:37:40 AM

Subject:

E=rybin.step@yandex.ru, CN=Stepan Rybin, O=Stepan Rybin, C=UA

Issuer:

CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

47154C2151E9EB8DFA42C2C9E45BFC6C

File PE Metadata

Compilation timestamp:

4/21/2013 3:46:21 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:AbMCTYGQW10to34E+KnzyLFkrx30Sgu25zu2ecSNSe8y5mii+bMeD/cAYWNW4bwq:AgCUGVCKz+Kz13bgLd0Nb8FaoJE0AQ8

Entry address:

0x40A5B

Entry point:

E8, E6, 12, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, B2, 44, 00, E8, FF, 17, 00, 00, E8, B3, 14, 00, 00, 0F, B7, F0, 6A, 02, E8, 79, 12, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 28, 02, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.4155

Code size:

279 KB (285,696 bytes)

Remove ps4 emus v.1.2.0 installer.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.