sony+vegas+pro+11+rus+cra_10924_i63767631_il345.exe

Maxthon Cloud Portable

A4 TOV

The application sony+vegas+pro+11+rus+cra_10924_i63767631_il345.exe, “Maxthon Cloud Portable (PortableApps.com Launcher)” by A4 TOV, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geolocation at the time of install.
Publisher:
PortableApps.com  (signed by A4 TOV)

Product:
Maxthon Cloud Portable

Description:
Maxthon Cloud Portable (PortableApps.com Launcher)

Version:
2.2.0.0

MD5:
316e518e1c73de6358402c0bea626777

SHA-1:
cf1bd0125d56b3e095d213bc6c3412242a5a202f

SHA-256:
721c5144bdc3bbfe6358536b44f5ab49bf5be47493afb369500095bd1648bb5d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/12/2024 2:51:28 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Amonetize (M)

Engine version:
17.2.12.7

File size:
2.4 MB (2,473,440 bytes)

Product version:
2.2.0.0

Copyright:
PortableApps.com

Trademarks:
PortableApps.com is a Trademark of Rare Ideas, LLC.

Original file name:
MaxthonPortable.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\sony+vegas+pro+11+rus+cra_10924_i63767631_il345.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/17/2015 7:00:00 AM

Valid to:
9/17/2016 6:59:59 AM

Subject:
CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata
Compilation timestamp:
9/25/2015 11:02:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x4C663B

Entry point:
68, 8C, E5, F0, FF, E8, 0B, A2, DF, FF, C1, AA, 28, 21, 21, C7, BC, D5, DE, A5, 40, 44, D3, DE, 25, 3F, EF, 25, 21, C3, 96, AE, 13, 21, FF, B7, 00, DA, DE, 56, BD, BA, 28, 21, E3, 74, 66, 2F, 21, 30, B5, 84, 2E, 21, 16, CE, 60, 2E, 21, 35, BE, 77, D8, DE, 43, 19, D2, D3, DE, C8, 9D, 06, 29, 21, ED, 36, 23, 2E, 21, B6, 95, 19, D5, DE, 95, 67, 29, 21, 67, 82, 91, 2C, 21, C0, B0, 64, D4, DE, 26, BF, B2, 2A, 21, 81, 70, B1, D7, DE, B2, 29, 5B, D0, DE, 09, 7D, D2, DE, 5C, 87, 64, 2B, 21, 71, 7B, 2F, 21, 94, 79...
 

Entropy:
7.9811  (probably packed)

Code size:
2.3 MB (2,438,656 bytes)