speed queen dryer owners manua downloader__3687_i1491004476_il1347642.exe

LLC

The application speed queen dryer owners manua downloader__3687_i1491004476_il1347642.exe by LLC has been detected as adware by 21 anti-malware scanners. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geo-location at the time of install. The file is also typically executed from an Internet Explorer cache folder, and it has been seen being downloaded from mynewmediadownloads.com.
Publisher:
LLC   (signed and verified)

Version:
1.1.5.26

MD5:
a69613e7c4f7df0788e59245a13d5f64

SHA-1:
9cb9fd415443515ae7fc77e989f5fcc1afdd3c2e

SHA-256:
4e6b32b8da07f971328111ab427268c781e8ef62a7162cc5228936045d8d3404

Scanner detections:
21 / 68

Status:
Adware

Analysis date:
1/3/2026 5:07:26 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.Amonetize.26 | 672 |
| Agnitum Outpost | PUA.Amonetize | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Amonetize | 2015.04.04 |
| Avira AntiVirus | ADWARE/Adware.Gen2 | 3.6.1.96 |
| AVG | Amonetize | 2016.0.3150 |
| Bitdefender | Gen:Variant.Application.Bundler.Amonetize.26 | 1.0.20.470 |
| Dr.Web | Trojan.Amonetize.2248 | 9.0.1.094 |
| ESET NOD32 | Win32/Amonetize.EA potentially unwanted (variant) | 9.11423 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2015-04-04_7 |
| G Data | Gen:Variant.Application.Bundler.Amonetize.26 | 15.4.25 |
| herdProtect (fuzzy) | | 2015.7.8.16 |
| K7 AntiVirus | Adware | 13.203.15761 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 14.0.0.2243 |
| McAfee | Artemis!D28DAC40417B | 5600.6710 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.Amonetize.26 | 16.0.0.282 |
| NANO AntiVirus | Riskware.Win32.Amonetize.dpzwzf | 0.30.24.1357 |
| Panda Antivirus | Trj/Genetic.gen | 15.04.04.09 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.4.4.9 |
| SUPERAntiSpyware | Adware.Amonetize/Variant | 9766 |
| Trend Micro House Call | TROJ_GEN.R047C0EDQ15 | 7.2.189 |
| VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra | 39032 |

File size:
1.2 MB (1,287,184 bytes)

Product version:
1.1.5.26

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\speed queen dryer owners manua downloader__3687_i1491004476_il1347642.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/22/2015 7:00:00 PM

Valid to:
2/23/2016 6:59:59 PM

Subject:
CN="LLC ""HALKON PLYUS""", O="LLC ""HALKON PLYUS""", STREET="Brody, house 60", L=Ternopil, S=Ternopilska, PostalCode=46010, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DB146CEBBA591269C2AFDE437524C41C

File PE Metadata
Compilation timestamp:
4/3/2015 5:00:28 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:jKvnzjHvPwi/4FxuAuRNZ1hi2CMoxEurqvW3Csj/ZhLt3bB1JOjgPLFnfRezLq43:mvn39NzFniB3bB18cOzLq4bkaIZ1Y

Entry address:
0xA965B

Entry point:
E8, 07, 03, 01, 00, E9, 89, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 74, 2E, 50, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 74, 2E, 50, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...

Entropy:
5.9270

Code size:
904 KB (925,696 bytes)

The file speed queen dryer owners manua downloader__3687_i1491004476_il1347642.exe has been seen being distributed by the following URL.