turn up the love.exe

Clean Disk Security

LLC IT Management

The application turn up the love.exe, “Clean Free Space of Drives (security)” by LLC IT Management has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from forces.nashamain.ru.
Publisher:
Kevin Solway (signed by LLC IT Management)

Product:
Clean Disk Security

Description:
Clean Free Space of Drives (security)

Version:
7.8.3.1

MD5:
70e834a23ccaf5ccc73e38c900f16daf

SHA-1:
aca903591133392fb35e6c4fd5795665f45dc8d1

SHA-256:
4dc20230095785b12ab61356c71a38b9fa82773a4d57ef85327f1cf9b3d8e87f

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/10/2024 5:27:30 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ITManage

Engine version:
17.2.24.4

File size:
291.9 KB (298,888 bytes)

Product version:
7.50

Copyright:
Copyright © Kevin Solway 1998-2004

Trademarks:
Clean Disk Security TM Kevin Solway 1999

Original file name:
Clndsk.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\turn up the love.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
6/2/2014 10:00:00 AM

Valid to:
6/3/2015 9:59:59 AM

Subject:
CN=LLC IT Management, O=LLC IT Management, STREET=Bagritskogo 51/2, L=Moscow, S=Moscovskaya oblast, PostalCode=121471, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2E9D66F88B13880A37872C17A2E17029

File PE Metadata
Compilation timestamp:
6/20/1992 8:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
E9, D7, FC, 03, 00, C7, 05, 16, 20, 44, 00, 1C, 14, 01, 00, C6, 05, DF, 20, 44, 00, C5, 89, 5C, 24, EE, 8D, 3D, 4B, 20, 44, 00, 89, 57, 04, C3, C3, 8D, 40, 00, FF, 25, 24, 20, 44, 00, B8, 24, 10, 40, 00, C3, C7, 05, 16, 20, 44, 00, 1C, 14, 01, 00, C6, 05, DF, 20, 44, 00, C5, 89, 5C, 24, EE, 8D, 3D, 4B, 20, 44, 00, 89, 57, 04, E8, 3D, 04, 00, 00, 89, 05, 6E, 20, 44, 00, 89, 35, AF, 20, 44, 00, 21, 0D, DA, 20, 44, 00, C7, 05, 59, 20, 44, 00, 00, 70, 01, 00, 21, 15, 81, 20, 44, 00, BE, C7, 00, 00, 00, 89, 0D...
 

Packer / compiler:
Xtreme-Protector v1.05

Code size:
256 KB (262,144 bytes)

The file turn up the love.exe has been seen being distributed by the following URL.

http://forces.nashamain.ru/NTM2NTtodHRwJTNBJTJGJTJGenZ1a29mZi5ydSUyRmRvd25sb2FkJTJGMTUyMTk5NztuYW1lPVR1cm4rVXArVGhlK0xvdmU7c2l6ZT03ODg0ODAwO3R5cGU9YXVkaW8=
