home

smscaster-e-marketer-gsm-enterprise-3-6-build-1071-with-patch.exe

DownBooster Download Manager

Zugara Investments Limited

The application smscaster-e-marketer-gsm-enterprise-3-6-build-1071-with-patch.exe, “DownBooster Download Manager Setup ” by Zugara Investments Limited has been detected as adware by 9 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The installer uses the InstallMonetizer platform which will donwload and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from download-manage.com.
Publisher:
Zugara Investments Limited   (signed by Zugara Investments Limited)

Product:
DownBooster Download Manager

Description:
DownBooster Download Manager Setup

MD5:
03870325ffb690917264cfa43b3cf671

SHA-1:
7ab7760c4ff432b34d74502c17ecf9be60624988

SHA-256:
6ccde4e702f67568f30789be45f409425680f20ecba94c87144b9d4f6a0fde80

Scanner detections:
9 / 68

Status:
Adware

Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.

Analysis date:
4/24/2024 2:25:27 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Zugara
2016.0.3183

Dr.Web
Adware.Downware.1658, Adware.Downware.1658
9.0.1.05190

ESET NOD32
Win32/InstallMonetizer.AF potentially unwanted application
7.0.302.0

G Data
Win32.Application.InstallMonetizer
15.3.25

IKARUS anti.virus
PUA.InstallMonetizer
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.1915120

Reason Heuristics
PUP.Installer.ZugaraInvestments
15.3.2.1

Sophos
PUA 'Amonetize'
5.11

VIPRE Antivirus
Threat.4150696
37588

File size:
691 KB (707,576 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\smscaster-e-marketer-gsm-enterprise-3-6-build-1071-with-patch.exe

Digital Signature
Signed by:
Zugara Investments Limited

Authority:
DigiCert Inc

Valid from:
6/7/2013 3:00:00 AM

Valid to:
6/9/2014 3:00:00 PM

Subject:
CN=Zugara Investments Limited, O=Zugara Investments Limited, L=Larnaca, C=CY

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0E69C9D3F6F493CFDD35EE66D63A5D96

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:VQiGD4QU7g/L4y32KmsZD4w484EMRzpATGF2qy5fi+M6EUtJARtudis2JJW:VQiK0k/R3PmsOPLuTEWtsWZ

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9512

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file smscaster-e-marketer-gsm-enterprise-3-6-build-1071-with-patch.exe has been seen being distributed by the following URL.

http://download-manage.com/lp/.../download.php?data=aHR0cDovL3d3dy40c2hhcmVkLmNvbS9maWxlLzc5MDAxNTMxLzJjZmEwODY0L1NNU0Nhc3Rlcl9FLU1hcmtldGVyX0dTTV9FbnRlcnByaXNlXzM2X0J1aWxkXzEwNzFfd2l0aF9QYXRjaC5odG1sP2FmZj03NjM3ODI5&fname=U01TQ2FzdGVyIEUgTWFya2V0ZXIgR1NNIEVudGVycHJpc2UgMyA2IEJ1aWxkIDEwNzEgd2l0aCBQYXRjaA==

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.