sons_of_anarchy_-_season_6_complete_(hdtv)_x264-cee.exe

Tanja Matkovic

The application sons_of_anarchy_-_season_6_complete_(hdtv)_x264-cee.exe by Tanja Matkovic has been detected as adware by 16 anti-malware scanners. The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. The installer bundles multiple adware offers during download and setup (based on the user's geographical location), including toolbars, extensions and coupon utilities. The file has been seen downloaded from www.torntv-tvv.org and multiple other hosts.
Publisher:
Tanja Matkovic  (signed and verified)

MD5:
9efba5de9b5691b915f1dd6b55756768

SHA-1:
3bb2867188b281423bdb1a4932028b97c8a48e09

SHA-256:
6aad60bf9d017bbfe6c864bfc6d92efee12dfa37227860aa8cd9b3fd3145451a

Scanner detections:
16 / 68

Status:
Adware

Explanation:
Bundles a number of adware programs in the installer.

Analysis date:
4/25/2024 4:59:58 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Adware.Agent.NVC | 1130 |
| Bitdefender | Adware.Agent.NVC | 1.0.20.1825 |
| Bkav FE | W32.Clodae1.Trojan | 1.3.0.4613 |
| Dr.Web | Adware.Yontoo.4 | 9.0.1.0365 |
| Emsisoft Anti-Malware | Adware.Agent.NVC | 8.13.12.31.09 |
| ESET NOD32 | Win32/AdWare.1ClickDownload.AQ | 8.9245 |
| F-Secure | Adware.Agent.NVC | 11.2013-31-12_3 |
| G Data | Adware.Agent.NVC | 13.12.22 |
| Malwarebytes | PUP.Optional.OneClickDownloader.A | v2013.12.31.09 |
| McAfee | Artemis!9EFBA5DE9B56 | 5600.7250 |
| MicroWorld eScan | Adware.Agent.NVC | 14.0.0.1095 |
| nProtect | Adware.Agent.NVC | 14.01.03.01 |
| Reason Heuristics | PUP.TanjaMatkovic.t | 14.3.29.10 |
| Rising Antivirus | NS:Malware.Install!1.9F21 | 23.00.65.14113 |
| Trend Micro House Call | TROJ_GEN.F47V1231 | 7.2.365 |
| VIPRE Antivirus | CoolMirage Ltd | 25042 |

File size:
436.1 KB (446,600 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\sons_of_anarchy_-_season_6_complete_(hdtv)_x264-cee.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
5/1/2013 2:00:00 AM

Valid to:
5/2/2014 1:59:59 AM

Subject:
CN=Tanja Matkovic, OU=Individual Developer, O=No Organization Affiliation, L=Subotica, S=Subotica, C=RS

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6A3131F81D52E40A00F4396C56D649C5

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:SFg/auP3mnZHYGPk2KNt8n0oSFQJ8RLrvsn0WpC:0hLFYD2oOnlSMk3snvC

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file sons_of_anarchy_-_season_6_complete_(hdtv)_x264-cee.exe has been seen being distributed by the following 15 URLs.

http://www.torntv-tvv.org/.../American_Hustle_2013_DVDScr_XViD_AC3-FiNGERBLaST.exe

http://www.torntv-tvv.org/.../Unity_3D_Pro_4_1_2_Crack.exe

http://www.torntv-tvv.org/.../iTunes_8_1_1_64_bit_.exe

http://www.torntv-tvv.org/.../(DivX-ITA)_The_Twilight_Saga:_Eclipse_(DVD-RIP).exe

http://www.torntv-tvv.org/.../Sons_of_Anarchy_-_Season_6_Complete_(HDTV)_x264-CEE.exe