home

terrapin code 128hd.rar_10924_i65254436_il345.exe

A4 TOV

The application terrapin code 128hd.rar_10924_i65254436_il345.exe by A4 TOV has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
A4 TOV  (signed and verified)

Description:
Setup/Uninstall

Version:
51.49.0.0

MD5:
ae30769c07f41f1b12a560fb494f2dce

SHA-1:
1ab825216f0a99fefa66973c8ee7a6772108acf0

SHA-256:
77a4b7efe080849d5539d70f8635155743adcda35305dd8d7e7c56c7c937701f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
5/13/2024 4:34:32 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Amonetize (M)
17.2.10.8

File size:
1.8 MB (1,920,992 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\terrapin+code+128hd.rar\terrapin code 128hd.rar_10924_i65254436_il345.exe

Digital Signature
Signed by:
A4 TOV

Authority:
COMODO CA Limited

Valid from:
9/17/2015 1:00:00 AM

Valid to:
9/17/2016 12:59:59 AM

Subject:
CN=A4 TOV, O=A4 TOV, STREET=Bud. 29 vul.Shchorsa, L=Kiev, S=Kiev, PostalCode=01010, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
27FB5DEC4CCFD4F3CF69A6B639C6AD4B

File PE Metadata
Compilation timestamp:
9/29/2015 7:52:44 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x2519D6

Entry point:
68, C4, E7, 62, 33, E8, 5E, 6E, FF, FF, 00, 00, 47, 65, 74, 41, 43, 50, 00, 68, 24, E7, 61, 31, E8, 4B, 6E, FF, FF, EF, 71, 79, FD, C2, EC, 4D, 79, FD, F6, D7, D4, 86, 02, 0C, 4A, CD, 86, 82, 6D, D7, C9, 86, 82, 7E, 1E, 05, 78, FD, 84, 36, D5, 79, 7D, 9F, 88, F2, 86, 02, 8B, 70, 5E, 79, 7D, E6, 9C, B5, 79, 7D, 51, EB, 64, 86, 02, 43, FA, EC, 79, 7D, 38, E9, FD, 79, FD, EC, 4D, 1F, 79, 7D, FD, F0, 27, 87, 82, F7, 1F, 79, FD, 36, 17, EE, 86, 02, D0, 29, B0, 86, 82, BD, C3, F5, 86, 82, 3C, 08, 06, 78, FD, 10...
 
[+]

Code size:
1.8 MB (1,909,248 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.