» torntv v9.0-nova.exe
Overview
Analysis
File Details
Programs (1)
Network (4)

torntv v9.0-nova.exe

Torntv V9.0

installdaddy

The application torntv v9.0-nova.exe has been detected as adware by 12 anti-malware scanners. This file is typically installed with the program Torntv V9.0 by InstallDaddy Services Ltd. which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. While running, it connects to the Internet address hwcdn.net on port 80 using the HTTP protocol.

File name:

Publisher:

installdaddy

Product:

Torntv V9.0

Description:

Torntv V9.0 exe

Version:

1000.1000.1000.1000

MD5:

2c1307adafee89425131d027bc84cb22

SHA-1:

4b5ecde75ec822a713890ebc80e9068f84b10de8

SHA-256:

3934c48f31740759a26c66f145353c49bad710654a98949fe2aa806ba8029d3e

Scanner detections:

12 / 68

Status:

Adware

Explanation:

InstallDaddy bunldes adware such as toolbars and unwanted browser extensions.

Analysis date:

4/25/2024 9:24:53 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

Adware/CrossRider.A.4102

7.11.150.22

avast!

Win32:Adware-gen [Adw]

2014.9-140612

Baidu Antivirus

Adware.Win32.CrossRider

4.0.3.14517

ESET NOD32

Win32/Toolbar.CrossRider.AE (variant)

8.9811

Fortinet FortiGate

Riskware/Toolbar_CrossRider

6/12/2014

G Data

Win32.Application.Plush

14.6.24

Malwarebytes

PUP.Optional.TornTV.A

v2014.05.17.08

Panda Antivirus

PUP/PlusHD

14.06.12.01

Qihoo 360 Security

Win32/Virus.Adware.af6

1.0.0.1015

Reason Heuristics

PUP.installdaddy.P

14.5.17.20

Trend Micro House Call

TROJ_GEN.F47V0515

7.2.137

VIPRE Antivirus

Crossrider

29286

File size:

574 KB (587,776 bytes)

Product version:

1000.1000.1000.1000

Original file name:

Torntv V9.0.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\torntv v9.0\torntv v9.0-nova.exe

File PE Metadata

Compilation timestamp:

5/15/2014 3:09:35 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:bNFZH3nQ3JYGb/Ec0I9p5FU6dXJpTZC/r5S+D:bNLy7zPpZTk/rI+D

Entry address:

0x425A9

Entry point:

E8, B1, AA, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, E0, 7F, 47, 00, E8, 91, 09, 00, 00, E8, AD, 99, 00, 00, 0F, B7, F0, 6A, 02, E8, 44, AA, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 29, 1B, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.2930

Code size:

405 KB (414,720 bytes)

The file torntv v9.0-nova.exe has been discovered within the following programs.

Torntv V9.0 by InstallDaddy Services Ltd.

This is a potentially unwanted program (PUP) that bundles various additional offers during setup, typically ad-supported (adware) in functionality.

88% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to tlb.hwcdn.net (69.16.175.42:80)

TCP (HTTP):

Connects to hwcdn.net (69.16.175.10:80)

TCP (HTTP):

Connects to s3-website-us-east-1.amazonaws.com (54.231.0.196:80)

TCP (HTTP):

Connects to ec2-107-22-174-247.compute-1.amazonaws.com (107.22.174.247:80)

Remove torntv v9.0-nova.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.