tuto4pc.exe

TUTO4PC COM INTERNATIONAL SL

This is the Eorezo installer, which may include software offers for unwanted programs, including toolbars. The application tuto4pc.exe, “Tuto4PC Setup” by TUTO4PC COM INTERNATIONAL SL, has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser. The file has been seen being downloaded from dlfr.tuto4pc.com.

Publisher:
Tuto4PC   (signed by TUTO4PC COM INTERNATIONAL SL)

Product:
Tuto4PC

Description:
Tuto4PC Setup

MD5:
6c3ef9a97cd206857f24849967036e6f

SHA-1:
edbbf181c14e5d086a8b54ec65cc577591f3158e

SHA-256:
177331856c6e0ab9480e176b11781b01461e3e0e5ca00117535f93cdcce522fb

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
4/23/2024 2:17:24 PM UTC

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/EoRezo.Gen
7.11.143.18

avast!
Win32:Eorezo-BU [PUP]
2014.9-140412

Boost by Reason
Optional.TUTO4PCCOMINTERNATIONALSL.H
188838

Comodo Security
Application.Win32.EoRezo.AR
18095

Dr.Web
Adware.Downware.1597
9.0.1.0102

ESET NOD32
Win32/AdWare.EoRezo.AU (variant)
8.9670

IKARUS anti.virus
AdWare.Win32.EoRezo
t3scan.1.6.1.0

Kaspersky
not-a-virus:Downloader.Win32.Agent
14.0.0.3439

Malwarebytes
Adware.Eorezo
v2014.04.12.11

McAfee
Adware-Eorezo!6C3EF9A97CD2
5600.7162

Microsoft Security Essentials
1.10401

NANO AntiVirus
Trojan.Win32.Generic.ctytne
0.28.0.59048

Reason Heuristics
PUP.Installer.TUTO4PCCOMINTERNATIONALSL.H
14.8.8.3

Rising Antivirus
PE:PUF.Inno!1.9E56
23.00.65.14806

Sophos
Eorezo
4.98

Vba32 AntiVirus
Downloader.Agent
3.12.26.0

VIPRE Antivirus
Adware.Eorezo
28208

File size:
2.1 MB (2,233,600 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\tuto4pc.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
6/26/2013 8:19:10 AM

Valid to:
6/27/2014 8:19:10 AM

Subject:
E=contact@tutoriales100.com, CN=TUTO4PC COM INTERNATIONAL SL, O=TUTO4PC COM INTERNATIONAL SL, L=BARCELONA, S=CATALUNYA, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121E6FBF47B55F81EDBA70D3D2CA03E568F

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:a9BTvUl28BJn68Rx8RmeeJaJV9AJ0wZyLom6ooC8l0d98n45S4fi1wT1u12D:Ut2BR6o8RfZyu8UI/m2n4fi1wJWW

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
Entropy:
7.9950

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file tuto4pc.exe has been seen being distributed by the following URL.
