tvapp__8821_i1103396016_il21.exe

KOMPANIYA КRЕАТА LLC

This file is part of the Amonetize download manager, an installer that bundles applications with offers for additional third-party software (mostly unwanted adware) and that may be installed with minimal consent. The application tvapp__8821_i1103396016_il21.exe by KOMPANIYA КRЕАТА has been detected as adware by 15 anti-malware scanners. It bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offers presented are based on the PC's geolocation at the time of install.
Publisher:
KOMPANIYA КRЕАТА LLC  (signed and verified)

Version:
1.1.5.89

MD5:
259d4a6422b5dfc2254d47426b622bab

SHA-1:
0904836f5dc45551f785210a827ea02afb4972ce

SHA-256:
363496d5a94e7e42e67da17eab7b86a813d5c3788badca4b0187132f0ccad6bf

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/19/2024 11:35:36 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | PUP/Win32.Amonetiz | 2014.07.30 |
| Avira AntiVirus | ADWARE/Adware.Gen2 | 7.11.164.128 |
| avast! | Win32:Adware-gen [Adw] | 140813-1 |
| AVG | Generic | 2015.0.3380 |
| Baidu Antivirus | Adware.Win32.Amonetize | 4.0.3.14817 |
| Emsisoft Anti-Malware | Gen:Variant.Application.Bundler.Amonetize.11 | 9.0.0.4324 |
| ESET NOD32 | Win32/Amonetize.BD potentially unwanted application | 7.0.302.0 |
| F-Prot | W32/Amonetize.A.gen | v6.4.7.1.166 |
| G Data | Win32.Application.Amonetize | 14.8.24 |
| Kaspersky | not-a-virus:HEUR:AdWare.Win32.Amonetize | 14.0.0.3393 |
| Malwarebytes | PUP.Optional.Amonetize | v2014.08.17.09 |
| Qihoo 360 Security | Win32/Virus.Adware.932 | 1.0.0.1015 |
| Rising Antivirus | PE:Malware.Adware!6.17D8 | 23.00.65.14815 |
| Sophos | Amonetize | 4.98 |
| VIPRE Antivirus | Threat.4785227 | 32210 |

File size:
347.2 KB (355,552 bytes)

Product version:
1.1.5.89

Original file name:
setup.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tvapp__8821_i1103396016_il21.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
6/15/2014 8:00:00 PM

Valid to:
6/16/2015 7:59:59 PM

Subject:
CN=KOMPANIYA КRЕАТА LLC, O=KOMPANIYA КRЕАТА LLC, L=Kharkiv, S=Kharkiv, C=UA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
04CA5D77531C0E61E4DE2CB0E6E4B5B2

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6144:eCuo14GI9mRnxxxDDxADJtTEOtlBYt+jN0medhjgC39rzqfqVzhjMKuAj07YR:eCuo14B9mRbxDDxADJtTEivYtGI3tzqs

Entry point:
E8, 53, 92, 00, 00, E9, 89, FE, FF, FF, CC, CC, 53, 56, 8B, 44, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 14, 8B, 44, 24, 10, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 0C, F7, F1, 8B, D3, EB, 41, 8B, C8, 8B, 5C, 24, 14, 8B, 54, 24, 10, 8B, 44, 24, 0C, D1, E9, D1, DB, D1, EA, D1, D8, 0B, C9, 75, F4, F7, F3, 8B, F0, F7, 64, 24, 18, 8B, C8, 8B, 44, 24, 14, F7, E6, 03, D1, 72, 0E, 3B, 54, 24, 10, 77, 08, 72, 07, 3B, 44, 24, 0C, 76, 01, 4E, 33, D2, 8B, C6, 5E, 5B, C2, 10, 00, 57, 8B, C6, 83, E0, 0F, 85, C0, 0F, 85, C1, 00...
 

The file tvapp__8821_i1103396016_il21.exe has been seen being distributed by the following 26 URLs.
