windows kms activator ultimate downloader__3687_i1572790758_il234056.exe

LLC DE PROEKT

This is the Amonetize download manager, which bundles applications with offers for additional 3rd-party software, mostly unwanted adware, and may be installed with minimal consent. The application windows kms activator ultimate downloader__3687_i1572790758_il234056.exe by LLC DE PROEKT has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the Amonetize Downloader installer. The setup program bundles adware offers using Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
Publisher:
LLC DE PROEKT  (signed and verified)

Version:
1.1.5.26

MD5:
16ecd1e1118e68f4cd634c3201ce14f5

SHA-1:
e10c9df77e29b99f77435a421dbd6efedba57f14

SHA-256:
de620f5e551e4c7e598049829887251325ed42932894cf93553444e5ab170b94

Scanner detections:
19 / 68

Status:
Adware

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature, this is not set by default and is usually overlooked.

Analysis date:
4/25/2024 12:03:29 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | PUA.Amonetize | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.Amonetiz | 2015.08.04 |
| Avira AntiVirus | ADWARE/Amonetize.kpb | 8.3.1.6 |
| AVG | BundleApp | 2016.0.3028 |
| Baidu Antivirus | PUA.Win32.Amonetize | 4.0.3.1584 |
| Bkav FE | W32.HfsAdware | 1.3.0.6979 |
| Dr.Web | Trojan.Amonetize.4075 | 9.0.1.0216 |
| Emsisoft Anti-Malware | Gen:Variant.Mikey.20892 | 8.15.08.06.03 |
| ESET NOD32 | Win32/Amonetize.GF potentially unwanted (variant) | 9.12039 |
| F-Secure | Gen:Variant.Mikey.20892 | 11.2015-06-08_5 |
| K7 AntiVirus | Adware | 13.207.16775 |
| Kaspersky | not-a-virus:AdWare.Win32.Amonetize | 14.0.0.1633 |
| Malwarebytes | | v2015.08.04.09 |
| McAfee | Artemis!16ECD1E1118E | 5600.6684 |
| NANO AntiVirus | Riskware.Win32.Amonetize.dupemx | 0.30.24.2668 |
| Norman | Gen:Variant.Mikey.20892 | 11.20150806 |
| Qihoo 360 Security | Win32/Virus.Adware.528 | 1.0.0.1015 |
| Reason Heuristics | PUP.Amonetize.DEPROEKT.Bundler (M) | 15.8.4.9 |
| VIPRE Antivirus | Amonetize | 42608 |

File size:
746 KB (763,920 bytes)

Product version:
1.1.5.26

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Amonetize Downloader

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\windows kms activator ultimate downloader__3687_i1572790758_il234056.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/6/2015 2:00:00 AM

Valid to:
5/6/2016 1:59:59 AM

Subject:
CN=LLC DE PROEKT, O=LLC DE PROEKT, STREET="str. Petropavlovska, 3", L=Simferopol, S=AR Krym, PostalCode=95000, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
2D675A924C3DAB51C8060B92453C4912

File PE Metadata
Compilation timestamp:
7/29/2015 2:22:48 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:lpOjhmtpoT+eopZcpk/GzOXmNvakekIp7xHmA1hSwI4KGqRkjA5us:rGsaTyIk/HmRleb59mA1gwHokK

Entry address:
0xB76F

Entry point:
E8, 19, 4D, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, BC, 87, 42, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 9C, 79, 42, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, BC, 87, 42, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00...
 

Code size:
102.5 KB (104,960 bytes)