home

sia.elastic.heart.mp3_10924_i67318918_il345.exe

A4 TOV

The application sia.elastic.heart.mp3_10924_i67318918_il345.exe by A4 TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
A4 TOV  (signed and verified)

Description:
Setup/Uninstall

Version:
51.49.0.0

MD5:
10b270017fadc8ee56497de77bc55cd7

SHA-1:
526f27bafcb64303dc16953b4ad4ffe7f3943011

SHA-256:
e15643a2ca22ba247e84177a1f1f51f9fa6ff6562ced8aecd32bfd5797857b8d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/12/2024 7:40:36 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonetize (M)
17.2.18.13

File size:
1.5 MB (1,570,272 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\sia.elastic.heart.mp3_10924_i67318918_il345.exe

Digital Signature
Signed by:
A4 TOV

Authority:
COMODO CA Limited

Valid from:
9/17/2015 2:00:00 AM

Valid to:
9/17/2016 1:59:59 AM

Subject:
CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata
Compilation timestamp:
10/4/2015 7:52:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x244F5F

Entry point:
68, 4D, 2E, 0F, 66, E8, 23, B4, FA, FF, 00, 00, 00, 4D, 6B, 50, 61, 72, 73, 65, 44, 69, 73, 70, 6C, 61, 79, 4E, 61, 6D, 65, 00, 00, 00, 00, 43, 72, 79, 70, 74, 49, 6D, 70, 6F, 72, 74, 4B, 65, 79, 00, D3, EB, 73, EF, BA, 1F, BC, 72, EF, 29, 2B, A3, 8D, 10, DE, 1B, 7C, 8E, 10, 71, F4, BC, 8F, 10, 7C, BE, D0, 72, EF, 9B, 8E, 67, 71, EF, EE, B0, CB, 8F, 10, B8, B1, 61, 8E, 10, EC, 6E, 55, 72, EF, 39, 77, 2B, 8F, 10, 35, 50, E5, 8E, 10, 96, B0, 69, 71, EF, EB, FD, B0, 89, 5F, 3E, 72, EF, 07, D6, 8C, 10, 20, 99...
 
[+]

Code size:
1.5 MB (1,558,528 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.