slave to the rhythm- michael jackson xscape (deluxe).mp3.exe

The application slave to the rhythm- michael jackson xscape (deluxe).mp3.exe has been detected as a potentially unwanted program by 25 anti-malware scanners. The file is a setup program used to install the application, and it is built using the Crossrider cross-browser extension platform. Although the file uses the Crossrider framework and delivery services, it is not owned by Crossrider. The file has been observed being downloaded from stylestylelife.com and multiple other hosts.

Publisher: Now To

Product: Flowers To

Description: Loose Reverse

Version: 2.2.6.1

MD5: 1d3968f37cd251b773db919dff4ae595

SHA-1: 12c790b3ebbf1a610c78c56420700ccb0fc6e948

SHA-256: 15f2a09637485ea46efbf0efce790095e40765fa2d1c843736da27223044bef8

Scanner detections: 25 / 68

Status: Potentially unwanted

Explanation: The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date: 4/25/2024 7:43:43 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Application.Bundler.CV | 6330919 |
| AhnLab V3 Security | PUP/Win32.MultiPlug | 2015.01.10 |
| Avira AntiVirus | ADWARE/MultiPlug.Gen7 | 7.11.200.120 |
| avast! | Win32:MultiPlug-DN [PUP] | 150102-1 |
| AVG | Adware Generic5.BJYA | 2014.0.4253 |
| Bitdefender | Application.Bundler.CV | 1.0.20.45 |
| Comodo Security | Application.Win32.MultiPlug.PNU | 20659 |
| Dr.Web | Trojan.Crossrider.36840 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Application.Bundler.CV | 9.0.0.4799 |
| ESET NOD32 | Win32/AdWare.MultiPlug.CB application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/Generic.AC.4357092 | 1/9/2015 |
| F-Prot | W32/A-a89959a5 | v6.4.7.1.166 |
| F-Secure | Riskware.Application.Bundler.CV | 5.13.68 |
| G Data | Application.Bundler.CV | 15.1.24 |
| IKARUS anti.virus | Trojan.Crypt | t3scan.1.8.6.0 |
| K7 AntiVirus | Unwanted-Program | 13.190.14599 |
| Kaspersky | not-a-virus:AdWare.Win32.MultiPlug | 14.0.0.2665 |
| Malwarebytes | PUP.Optional.MultiPlug | v2015.01.09.09 |
| McAfee | Program.MultiPlug-FOQ | 16.8.708.2 |
| MicroWorld eScan | Application.Bundler.CV | 16.0.0.27 |
| NANO AntiVirus | Riskware.Win32.MultiPlug.deosbf | 0.30.0.64448 |
| Norman | Application.Bundler.CV | 03.12.2014 13:20:04 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.1.19.23 |
| Sophos | PUA 'MultiPlug' (of type Adware) | 5.09 |
| Vba32 AntiVirus | SScope.Adware.MultiPlug | 3.12.26.3 |

File size: 821 KB (840,704 bytes)

Product version: 8.0.2.0

Copyright: All rights reserved for Now To LTD.

Original file name: Slave to the Rhythm- Michael Jackson XSC.exe

File type: Executable application (Win32 EXE)

Language: English (United Kingdom)

Common path: C:\users\{user}\downloads\slave to the rhythm- michael jackson xscape (deluxe).mp3.exe

File PE Metadata
Compilation timestamp: 1/14/2013 8:49:12 AM

OS version: 5.1

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 11.0

CTPH (ssdeep): 24576:siCKOKyiOOqjeRwGEkPynHvAdzbxse/5w8mL:siCKgOoGGPARxsei5L

Entry address: 0x16CD7

Entry point: E8, 66, 43, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, 93, 4C, 00, E8, E3, 10, 00, 00, E8, 33, 45, 00, 00, 0F, B7, F0, 6A, 02, E8, F9, 42, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 52, 0A, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...

Entropy: 7.8468  (probably packed)

Code size: 132 KB (135,168 bytes)

The file slave to the rhythm- michael jackson xscape (deluxe).mp3.exe has been seen being distributed by the following 2 URLs.