home

super nintendo todos os jogos emulador pc.exe

DEVSTATION LLC

The application super nintendo todos os jogos emulador pc.exe by DEVSTATION has been detected as a potentially unwanted program by 19 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from 4threquest.me.
Publisher:
DEVSTATION LLC  (signed and verified)

MD5:
f500cce600503c8a533f57dc0fb7d079

SHA-1:
a50bffcc95b48cf9fe6b3d97d96243110ba462e5

SHA-256:
c25e2f7febd2153ee5ef06eb937999e5e3e98d5503fc9f9bbee3933f8d25def1

Scanner detections:
19 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 11:06:18 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Adload.G
5575208

AhnLab V3 Security
Adware/Win32.LoadMoney
2015.05.29

Avira AntiVirus
TR/Dldr.Adload.zewqw
8.3.1.6

avast!
Downloader-ACE [PUP]
150525-2

AVG
Downloader.NSIS
2014.0.4311

Bitdefender
Adware.Adload.G
1.0.20.740

Emsisoft Anti-Malware
Adware.Adload
10.0.0.5366

ESET NOD32
NSIS/TrojanDownloader.Adload.AM trojan
7.0.302.0

Fortinet FortiGate
Adware/AdloadAM
5/28/2015

F-Secure
Adware.Adload.G
11.2015-28-05_5

G Data
Adware.Adload
15.5.25

K7 AntiVirus
Unwanted-Program
13.204.16062

MicroWorld eScan
Adware.Adload.G
16.0.0.444

NANO AntiVirus
Trojan.Nsis.Genome.drxdju
0.30.24.1636

Norman
Downloader
11.20150528

nProtect
Adware.Adload.G
15.05.28.01

Sophos
PUA 'AdLoad' (of type Adware)
5.14

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.4

VIPRE Antivirus
Threat.4785227
40552

File size:
69.7 KB (71,416 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\super nintendo todos os jogos emulador pc.exe

Digital Signature
Signed by:
DEVSTATION LLC

Authority:
Starfield Technologies, Inc.

Valid from:
5/18/2015 6:00:38 AM

Valid to:
5/13/2016 12:08:38 PM

Subject:
CN=DEVSTATION LLC, O=DEVSTATION LLC, L=Lewes, S=Delaware, C=US

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
68D49B6A84636D77

File PE Metadata
Compilation timestamp:
12/5/2009 8:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:JQpQ5EP0ijnRTXJk5NHFmQ2YGTtl6TwTlJz8xN:JQIURTXJk5Nlx2YGZ0MTfzuN

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file super nintendo todos os jogos emulador pc.exe has been seen being distributed by the following URL.

http://4threquest.me/ids/.../Super Nintendo – todos os jogos emulador – PC.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.