subway-surfers.zip.exe

used of

Alexey Kurilenko

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application subway-surfers.zip.exe by Alexey Kurilenko has been detected as adware by 19 anti-malware scanners.
Publisher:
of a  (signed by Alexey Kurilenko)

Product:
used of

Version:
0.8.0.0

MD5:
66c56da3e29183df38575e7033261b7f

SHA-1:
a558a961842442888175f12119211441636d5204

SHA-256:
ca9c2dcedd29dc2f264038efb67f207feae155c37b686a177f84573106378a9d

Scanner detections:
19 / 68

Status:
Adware

Analysis date:
5/14/2024 4:26:27 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Zusy.100672 | 918 |
| Avira AntiVirus | Adware/MultiPlug.aob | 7.11.164.214 |
| avast! | Win32:PUP-gen [PUP] | 140617-1 |
| AVG | Adware Generic_r.QP | 2014.0.3986 |
| Bitdefender | Gen:Variant.Zusy.100672 | 1.0.20.1060 |
| Dr.Web | Trojan.Siggen6.21336 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.100672 | 8.14.07.31.06 |
| ESET NOD32 | Win32/AdWare.MultiPlug.AQ (variant) | 8.10184 |
| F-Secure | Gen:Variant.Zusy.100672 | 11.2014-31-07_5 |
| G Data | Gen:Variant.Zusy.100672 | 14.7.24 |
| IKARUS anti.virus | AdWare.SaveNet | t3scan.1.6.1.0 |
| Malwarebytes | PUP.Optional.InstallRex | v2014.07.31.06 |
| McAfee | PUP-FMH | 5600.7052 |
| MicroWorld eScan | Gen:Variant.Zusy.100672 | 15.0.0.636 |
| NANO AntiVirus | Trojan.Win32.Siggen6.dcscvl | 0.28.2.61148 |
| Panda Antivirus | Trj/Kazy.AS | 14.07.31.06 |
| Reason Heuristics | PUP.AlexeyKurilenko.R | 14.7.31.17 |
| Sophos | MultiPlug | 4.98 |
| VIPRE Antivirus | Threat.4786450 | 31208 |

File size:
778.9 KB (797,560 bytes)

Product version:
0.8.0.0

Copyright:
Copyright (c) 2014

Original file name:
volume are

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\subway-surfers.zip.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
6/17/2014 3:20:17 PM

Valid to:
6/17/2015 3:20:17 PM

Subject:
E=Alexey.kurilenko@hotmail.com, CN=Alexey Kurilenko, O=Alexey Kurilenko, C=RU

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
15D51642691B3EE20985639A8FE865DD

File PE Metadata
Compilation timestamp:
7/21/2014 2:07:58 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:lL4tl+lShtQwWZadTh9wdDKlUBWZCjGLNVkIV+RXpa9:lctl3htkwJU4hCjG/2o

Entry address:
0x1764E

Entry point:
E8, 9F, 7D, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, B0, CD, 42, 00, E8, FC, 0D, 00, 00, E8, 2E, 04, 00, 00, 0F, B7, F0, 6A, 02, E8, 32, 7D, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, F0, 45, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
7.7618  (probably packed)

Code size:
135.5 KB (138,752 bytes)
