» ser feliz por nada martha_10924_i63119268_il345.exe
Overview
Analysis
File Details

ser feliz por nada martha_10924_i63119268_il345.exe

TeamViewer

A4 TOV

The application ser feliz por nada martha_10924_i63119268_il345.exe by A4 TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.

File name:

Publisher:

TeamViewer GmbH (signed by A4 TOV)

Product:

TeamViewer

Description:

TeamViewer 10

Version:

10.0.45862.0

MD5:

ffd687b91c8360f5b83997054e3ae0df

SHA-1:

f652b5438493299c198652c3718a3926f18993d6

SHA-256:

069b0a153727077a045eab115eb0462357f9cc0e5c9f38f103341f1b10106cab

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

5/13/2024 4:16:03 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Amonetize (M)

17.2.24.8

File size:

2.1 MB (2,191,328 bytes)

Product version:

10.0

TeamViewer GmbH

Trademarks:

TeamViewer

Original file name:

TeamViewer.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\ser feliz por nada martha_10924_i63119268_il345.exe

Digital Signature

Signed by:

A4 TOV

Authority:

COMODO CA Limited

Valid from:

9/16/2015 9:00:00 PM

Valid to:

9/16/2016 8:59:59 PM

Subject:

CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata

Compilation timestamp:

9/23/2015 9:02:50 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

Entry address:

0x283152

Entry point:

68, FF, CB, 00, B8, E8, BB, 78, FF, FF, A1, 12, 45, D1, 0F, 0D, EF, 68, 0B, BB, 70, 93, 15, BE, DE, 46, A8, D7, D6, E8, 2F, 7F, BB, A1, 89, E5, BC, D4, 41, 4B, FE, 6D, BB, C3, A8, 9A, 37, 34, 28, 3C, A4, 32, 6F, DA, 0A, B6, C5, 61, 7D, 10, 95, D3, 0F, 70, 33, 35, AA, 14, 54, 93, 28, A7, E7, C9, 86, EC, 1D, AA, E3, 42, 38, AC, A2, F3, 1B, 2C, ED, 67, AD, 66, 50, EA, 41, C8, 66, 49, F4, E0, C8, 49, 42, E5, 7F, EF, 78, AA, 7D, 8A, D6, B2, 72, B3, 0A, 70, 32, AB, 0E, DE, 48, BB, 1C, 87, A9, A7, 08, 52, 07, 6A... 
[+]

Code size:

2 MB (2,146,816 bytes)

Remove ser feliz por nada martha_10924_i63119268_il345.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.