relatrio-de-auto-avaliao-2011-ins-infante.exe

DownBooster Download Manager

Zugara Investments Limited

The application relatrio-de-auto-avaliao-2011-ins-infante.exe, “DownBooster Download Manager Setup” by Zugara Investments Limited, has been detected as adware by 9 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The installer uses the InstallMonetizer platform, which will download and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from download-manage.com.
Publisher:
Zugara Investments Limited   (signed by Zugara Investments Limited)

Product:
DownBooster Download Manager

Description:
DownBooster Download Manager Setup

MD5:
e790ea292f6c976f7bc11c801de3e26d

SHA-1:
20a7a728b05c7c8340e1b1251f558dca80c2a51e

SHA-256:
c952abf0b728e946638545094dcecc5031937970bcdbdaf81bce6ce4cb8bf58a

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
5/10/2024 3:28:21 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Adware-gen [Adw] | 141214-1 |
| AVG | Zugara | 2015.0.3253 |
| Dr.Web | Adware.Downware.1658 | 9.0.1.05190 |
| ESET NOD32 | Win32/InstallMonetizer.AF potentially unwanted application | 7.0.302.0 |
| G Data | Win32.Application.InstallMonetizer | 14.12.24 |
| K7 AntiVirus | Unwanted-Program | 13.188.14410 |
| Reason Heuristics | PUP.Installer.ZugaraInvestmentsLimited.j | 14.12.22.5 |
| Sophos | PUA 'Pirrit' (of type Adware) | 5.09 |
| VIPRE Antivirus | Threat.4150696 | 35418 |

File size:
690.9 KB (707,472 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\relatrio-de-auto-avaliao-2011-ins-infante.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
6/7/2013 1:00:00 AM

Valid to:
6/9/2014 1:00:00 PM

Subject:
CN=Zugara Investments Limited, O=Zugara Investments Limited, L=Larnaca, C=CY

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0E69C9D3F6F493CFDD35EE66D63A5D96

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:4QiGcpqz9UyVEOm27Klf5iC7VOXLB6Rmkqy5fi+M6EUtJARtudis2JJm:4QihpQU2EB2GF7gXAAAtsWR

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file relatrio-de-auto-avaliao-2011-ins-infante.exe has been seen being distributed by the following URL.