whitney_houston_-_discography_1987-2010_mp3_320_kbps.exe

Tanja Matkovic

The application whitney_houston_-_discography_1987-2010_mp3_320_kbps.exe by Tanja Matkovic has been detected as adware by 7 anti-malware scanners. This is a setup program which is used to install the application. The setup installer will bundle multiple adware offers during download and setup (based on the user's geographical location) including toolbars, extensions and coupon utilities. The file has been seen being downloaded from www.torntv-tvv.org and multiple other hosts.
Publisher:
Tanja Matkovic  (signed and verified)

MD5:
ce1af1e495aca9c97a822fa7b4add285

SHA-1:
efae24a4bbff817471706c3d876cb711d0aae77c

SHA-256:
aba72abf1cf9257aaef1cfb8734e480332916a19707ccdfa403d1a1b077ec18a

Scanner detections:
7 / 68

Status:
Adware

Explanation:
Bundles a number of adware programs in the installer.

Analysis date:
4/26/2024 7:52:16 PM UTC

Scan engine              Detection                            Engine version
Dr.Web                   Adware.Yontoo.4                      9.0.1.048
Malwarebytes             PUP.Optional.OneClickDownloader.A    v2014.02.17.02
McAfee                   Artemis!CE1AF1E495AC                 5600.7217
Reason Heuristics        PUP.TanjaMatkovic.u                  14.3.29.10
Sophos                   1 Click Downloader                   4.97
Trend Micro House Call   TROJ_GEN.F47V0216                    7.2.48
VIPRE Antivirus          CoolMirage Ltd                       26548

File size:
435.7 KB (446,184 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\whitney_houston_-_discography_1987-2010_mp3_320_kbps.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
4/30/2013 9:00:00 PM

Valid to:
5/1/2014 8:59:59 PM

Subject:
CN=Tanja Matkovic, OU=Individual Developer, O=No Organization Affiliation, L=Subotica, S=Subotica, C=RS

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
6A3131F81D52E40A00F4396C56D649C5

File PE Metadata
Compilation timestamp:
12/5/2009 8:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:bsZ7VnUROpUrvFayucIkzPVAJ9zsiGbXsqQoe//4smmMgQ1/7yktSMuPLR7Tsfnr:gVnhGhaR17sdnDT1DyASMK8nC3A2oD

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 

Code size:
23 KB (23,552 bytes)

The file whitney_houston_-_discography_1987-2010_mp3_320_kbps.exe has been seen being distributed by the following 8 URLs.