» torntv v9.0-firefoxinstaller.exe
Overview
Analysis
File Details
Programs (1)
Network (3)

torntv v9.0-firefoxinstaller.exe

Torntv V9.0

installdaddy

The application torntv v9.0-firefoxinstaller.exe has been detected as adware by 10 anti-malware scanners. This file is typically installed with the program Torntv V9.0 by InstallDaddy Services Ltd. which is a potentially unwanted software program. The Firefox Installer is part of the Crossrider toolbar platform and is designed to install the Crossrider plugin within Mozilla Firefox. It will also manage the Firefox SQLite connectivity. While running, it connects to the Internet address stats.srvstatsdata.com on port 80 using the HTTP protocol.

File name:

Publisher:

installdaddy

Product:

Torntv V9.0

Description:

Torntv V9.0 exe

Version:

1000.1000.1000.1000

MD5:

ae5cc37cab259dd30bdefb7303cf2b11

SHA-1:

00171e1a105ae7cc15d7b091b4fb8e24d7cca4d9

SHA-256:

70a83ab3e4eac8933f9d146263e54403edfa999d29851550b9f4a75f756ae185

Scanner detections:

10 / 68

Status:

Adware

Explanation:

InstallDaddy bunldes adware such as toolbars and unwanted browser extensions.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:

5/10/2024 6:50:16 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.CrossRider

4.0.3.14218

Dr.Web

Trojan.Crossrider.950

9.0.1.049

ESET NOD32

Win32/Toolbar.CrossRider (variant)

8.9430

Fortinet FortiGate

Riskware/Toolbar_CrossRider

2/18/2014

Malwarebytes

PUP.Optional..A

v2014.02.18.04

McAfee

Artemis!3342B35B7116

5600.7215

Reason Heuristics

PUP.installdaddy.BB

14.2.18.16

Sophos

Generic PUA EC

4.97

Trend Micro House Call

TROJ_GEN.R0C1H05B314

7.2.49

VIPRE Antivirus

Crossrider

26524

File size:

910.5 KB (932,352 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Torntv V9.0.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\torntv v9.0\torntv v9.0-firefoxinstaller.exe

File PE Metadata

Compilation timestamp:

1/20/2014 2:24:20 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:t0/ZDibVoYKaQCvEwCRdllEGx8PkrM6f+L6EyrYaHE6T3kSIk0tryv3Vij6dwgpp:t0/Z+JLfcTRdllEGx8PO0yvU6TF

Entry address:

0x99AE0

Entry point:

E8, 89, F1, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 57, 8B, 7B, 08, 33, 3D, 38, 31, 4E, 00, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8B, 07, 8D, 73, 10, 83, F8, FE, 74, 0D, 8B, 4F, 04, 03, CE, 33, 0C, 30, E8, 33, A3, FF, FF, 8B, 4F, 0C, 8B, 47, 08, 03, CE, 33, 0C, 30, E8, 23, A3, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, D0, 00, 00, 00, 89, 45, E8, 8B, 45, 10, 89, 45, EC, 8D, 45, E8, 89, 43, FC, 8B, 43, 0C, 89, 45, F8, 83, F8, FE, 0F, 84, EE, 00... 
[+]

Entropy:

6.5440

Code size:

746 KB (763,904 bytes)

The file torntv v9.0-firefoxinstaller.exe has been discovered within the following program.

Torntv V9.0 by InstallDaddy Services Ltd.

This is a potentially unwanted program (PUP) that bundles various additional offers during setup, typically ad-supported (adware) in functionality.

88% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to update.srvstatsdata.com (69.16.175.42:80)

http://update.srvstatsdata.com/installer_updates/004800/update.json

TCP (HTTP):

Connects to stats.srvstatsdata.com (176.32.99.41:80)

TCP (HTTP):

Connects to app-static.crossrider.com (69.16.175.10:80)

Remove torntv v9.0-firefoxinstaller.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.