home

why did cesar millan get bite_ - explanation and full analysis.mp4.exe

The application why did cesar millan get bite_ - explanation and full analysis.mp4.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. The file has been seen being downloaded from sfs.ezdownloadpro.info a web site host known to distribute potentially unwanted software operated by Rafael Leviev.
MD5:
853bb192e428c51bb18dc813550c6b85

SHA-1:
8b91ba014b83c03f32f88673bb043ac46a55f84f

SHA-256:
d70e3d11667dc6a2ebe3eb803c8072ba921be048d6046a97200af1402ed49507

Scanner detections:
23 / 68

Status:
Potentially unwanted

Analysis date:
4/29/2024 6:36:44 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Mikey.8516
6708664

AhnLab V3 Security
PUP/Win32.MultiPlug
2015.03.04

Avira AntiVirus
ADWARE/MultiPlug.Gen
7.11.213.76

AVG
Generic6
2016.0.3181

Bitdefender
Gen:Variant.Adware.Mikey.8516
1.0.20.310

Comodo Security
Application.Win32.AdWare.MultiPlug.VA
21280

Dr.Web
Trojan.DownLoader12.34929
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Adware.Mikey.8516
9.0.0.4799

ESET NOD32
Win32/Adware.MultiPlug.FC application
7.0.302.0

F-Prot
W32/S-4ef98cc5
v6.4.7.1.166

F-Secure
Gen:Variant.Adware.Mikey
5.13.68

G Data
Gen:Variant.Adware.Mikey.8516
15.3.25

K7 AntiVirus
Unwanted-Program
13.200.15148

Malwarebytes
PUP.Optional.Unizeto
v2015.03.03.01

McAfee
Program.MultiPlug-FWG
16.8.708.2

MicroWorld eScan
Gen:Variant.Adware.Mikey.8516
16.0.0.186

NANO AntiVirus
Riskware.Win32.MultiPlug.dopsni
0.30.0.296

Panda Antivirus
Generic Suspicious
15.03.03.01

Reason Heuristics
Threat.Win.Reputation.IMP
15.3.3.13

Rising Antivirus
PE:Malware.XPACK-HIE/Heur!1.9C48
23.00.65.15301

Sophos
PUA 'MultiPlug' (of type Adware)
5.11

Vba32 AntiVirus
SScope.Adware.MultiPlug
3.12.26.3

File size:
1 MB (1,062,400 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\{2de436c7-754e-53e9-2de4-436c7754db1d}\why did cesar millan get bite_ - explanation and full analysis.mp4.exe

File PE Metadata
Compilation timestamp:
10/21/2013 1:24:26 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:rrlB5YLXqeTH1qSnOyzuFIBzTh22fFdIa+2TCel4I07NfmU:rH5YmeImzuFIx42gaNl4IO

Entry address:
0xDC362

Entry point:
E8, DF, 14, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, EE, 4E, 00, E8, E8, 19, 00, 00, E8, AC, 16, 00, 00, 0F, B7, F0, 6A, 02, E8, 72, 14, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, E8, 02, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.3752

Code size:
899.5 KB (921,088 bytes)

The file why did cesar millan get bite_ - explanation and full analysis.mp4.exe has been seen being distributed by the following URL.

http://sfs.ezdownloadpro.info/hp/?q=AOMztbKxsZUQumPvqoHUJl6mFlbOAJ5sRMT2dEejin1j93TTn8DV5Z6QkNyo7LetogI7zp8z/4BkO8NC56YO/2b1o859ISI9APWTfePYAlg4f0jMb4mrx2berycdfGgRG8lmj9LYAUsUOnvkzail4MH95F6y05dljr2wbd97Z oIpn9UeI1X1s4t65UFbnuBSIet/ILG8Sa2TMR1jPscNalxVEzO t5ldXAEHbp/muQOoFLoq/V6KxdrsGe4TYasl1nghLel7iT87C7F1pgAbhAxrEVPJVTrDh8H2xQThONoc5Cum/Uom4R4A1ejVgxCb64xDg4Esti3Yo4wnZBR/1/waGja77ydmxviXI5dYt89cSPdGa55H3IyVYFgnfUQ4pGUa8Dc0ff0Xh2YmvhAPxMpWSC2zp0ihNbdt5hBKB/bWTBjqVAFIOyt8wyDtVqk5hUbz2bQhAcr8MVcg/22Dq ZCEefNDqEnGR44MAtuDc3mqfCUNwTJOX8lnUHs8/nB8A8hPFLdIHi6NjylDTdt26vVG 9/8MMKv9GPe/SHeDqCaJTadhOmWc/ry8nEYgs/cyFujeoSm3zA9n3hc4rJzCfhP/lEirL8DTDTyF8 m2HI6KPYpmg68itjD9UfaiTP1xn/Z5hK7/yIXYLzjtEyC3H0peOzdDg4gCvK61TUOrLARDEi8DWd5pDCo/HH6y4aItHR/CTuHozFHojGtk0heb5TTDg1rbUODzOqfw7uh909rjYwyG2Yz6GXP6jdee7m5HcNJyWS4SIrEXZBRqrN3QrNKAUEADaDBISmgze8/uRk60udiVyBhaRJZrKCumpjISjScuSpWVM/pSNjO/.../tyK1jVO8VK9tbwg8YHnBGw9U5 xEN7pJdL7xKwzid0kL0umMCe169wkqKGclbDMmIkx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.