home

vhsdefaultzip__15047_i1596373077_il1842515.exe.rar

The file vhsdefaultzip__15047_i1596373077_il1842515.exe.rar has been detected as a potentially unwanted program by 24 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from www.sendspace.com.
MD5:
9c27fb13555d6b8ad381c926735f094e

SHA-1:
2b48352ef2ebd9112ff1b53cc9021663e63c1c2e

SHA-256:
4b9a977233d039bb39a4cb299793b219d2d8370ef9a56544525f22d2f87d922e

Scanner detections:
24 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 4:22:56 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Amonetize.kpb
8.3.2.2

Arcabit
PUP.Adware.Amonetize.eas
1.0.0.425

AVG
Generic
2016.0.2993

Baidu Antivirus
PUA.Win32.Amonetize
4.0.3.1598

Bkav FE
W32.HfsAdware
1.3.0.7133

Comodo Security
Application.Win32.Amonetize.NED
23195

Dr.Web
infected with Trojan.Amonetize.4075
9.0.1.05190

ESET NOD32
Win32/Amonetize.HM potentially unwanted application
7.0.302.0

Fortinet FortiGate
Adware/Amonetize
9/8/2015

F-Prot
W32/Amonetize.X.gen
v6.4.7.1.166

G Data
Win32.Application.Agent.F5M0T3
15.9.25

IKARUS anti.virus
PUA.Amonetize.Gz
t3scan.1.9.5.0

K7 AntiVirus
Unwanted-Program
13.2017138

Kaspersky
not-a-virus:AdWare.Win32.Amonetize
15.0.0.543

McAfee
Program.Artemis!BCB1A505E639
18.0.204.0

NANO AntiVirus
Riskware.Win32.Amonetize.dvphgs
0.30.24.3283

Panda Antivirus
Generic Suspicious
15.09.08.03

Qihoo 360 Security
Win32/Virus.Adware.528
1.0.0.1015

Sophos
Generic PUA MN (PUA)
4.98

Trend Micro House Call
TROJ_GE.F0BD473C
7.2.251

Trend Micro
TROJ_GE.F0BD473C
10.465.08

Vba32 AntiVirus
Signed-AdWare.Amonetize
3.12.26.4

VIPRE Antivirus
Amonetize
43556

Zillya! Antivirus
Adware.Amonetize.Win32.7951
2.0.0.2389

File size:
571.6 KB (585,278 bytes)

Common path:
C:\users\{user}\downloads\vhsdefaultzip__15047_i1596373077_il1842515.exe.rar

The file vhsdefaultzip__15047_i1596373077_il1842515.exe.rar has been seen being distributed by the following URL.

https://www.sendspace.com/.../pr4fiy

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.