» tuto4pc.exe
Overview
Analysis
File Details
Downloads (1)

tuto4pc.exe

TUTO4PC COM INTERNATIONAL SL

This is the Eorezo installer which may include software offers for unwanted programs including toolbars. The application tuto4pc.exe, “Tuto4PC Setup ” by TUTO4PC COM INTERNATIONAL SL has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser. The file has been seen being downloaded from dlfr.tuto4pc.com.

File name:

tuto4pc.exe

Publisher:

Tuto4PC (signed by TUTO4PC COM INTERNATIONAL SL)

Product:

Tuto4PC

Description:

Tuto4PC Setup

MD5:

f226773b55ae7e3a118fee2ecb09a6c3

SHA-1:

2b76a0a22c32c726d980bdb9f74ecadbe364d7d2

SHA-256:

b5adb0fb54dfde68d3c8c9b7c2efc06a4b154eda5f91bc59e11ac32f804a0e67

Scanner detections:

17 / 68

Status:

Adware

Analysis date:

4/26/2024 3:48:01 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/EoRezo.Gen

7.11.143.18

avast!

Win32:Eorezo-BU [PUP]

2014.9-140412

Boost by Reason

Optional.TUTO4PCCOMINTERNATIONALSL.H

188838

Comodo Security

Application.Win32.EoRezo.AR

18095

Dr.Web

Adware.Downware.1597

9.0.1.0102

ESET NOD32

Win32/AdWare.EoRezo.AU (variant)

8.9670

IKARUS anti.virus

AdWare.Win32.EoRezo

t3scan.1.6.1.0

Kaspersky

not-a-virus:Downloader.Win32.Agent

14.0.0.3439

Malwarebytes

Adware.Eorezo

v2014.04.12.11

McAfee

Adware-Eorezo!F226773B55AE

5600.7162

Microsoft Security Essentials

Adware:Win32/EoRezo

1.10401

NANO AntiVirus

Trojan.Win32.Generic.ctytne

0.28.0.59048

Reason Heuristics

PUP.Installer.TUTO4PCCOMINTERNATIONALSL.H

14.8.8.3

Rising Antivirus

PE:PUF.Inno!1.9E56

23.00.65.14806

Sophos

Eorezo

4.98

Vba32 AntiVirus

Downloader.Agent

3.12.26.0

VIPRE Antivirus

Adware.Eorezo

28208

File size:

2.1 MB (2,233,608 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\tuto4pc.exe

Digital Signature

Signed by:

TUTO4PC COM INTERNATIONAL SL

Authority:

GlobalSign nv-sa

Valid from:

6/26/2013 8:19:10 AM

Valid to:

6/27/2014 8:19:10 AM

Subject:

E=contact@tutoriales100.com, CN=TUTO4PC COM INTERNATIONAL SL, O=TUTO4PC COM INTERNATIONAL SL, L=BARCELONA, S=CATALUNYA, C=ES

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121E6FBF47B55F81EDBA70D3D2CA03E568F

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:S9BTvUl28BJn68Rx8RmeeJaJV9AJ0wZyLom6ooC8l0d98n45S4fi1wT1u12E:ct2BR6o8RfZyu8UI/m2n4fi1wJWt

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9950

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

The file tuto4pc.exe has been seen being distributed by the following URL.

http://dlfr.tuto4pc.com/clib/tuto4pc/fr//.../tuto4pc.exe

Remove tuto4pc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.