windows+7+ultimate+32+portugues_10924_i26051978_il345.exe.zip
The file windows+7+ultimate+32+portugues_10924_i26051978_il345.exe.zip has been detected as a potentially unwanted program by 20 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install. The file has been seen being downloaded from downprov.brown1switch.com.
File name:
windows+7+ultimate+32+portugues_10924_i26051978_il345.exe.zip
MD5:
55aba43849f588c4386d339d76274cf5
SHA-1:
9c55b672aab254eccef0829b92362c3e185f8536
SHA-256:
6b24a000831a6ef4f6b09378226dfd291d0298a161590280168d59963154a215
Scanner detections:
20 / 68
Status:
Potentially unwanted
Analysis date:
4/25/2024 9:48:46 AM UTC (today)
Scan engine
Detection
Engine version
Lavasoft Ad-Aware
Gen:Variant.Application.Jatif.320
583
Avira AntiVirus
ADWARE/Amonetize.Gen7
8.3.1.6
Arcabit
Trojan.Application.Jatif.320
1.0.0.425
avast!
Win32:Amonetize-JO [PUP]
2014.9-150702
Bitdefender
Gen:Variant.Application.Jatif.320
1.0.20.915
Comodo Security
Application.Win32.LoadMoney.IARS
22639
Dr.Web
infected with Trojan.Amonetize
9.0.1.05190
Emsisoft Anti-Malware
Gen:Variant.Application.Jatif.320
10.0.0.5366
ESET NOD32
Win32/Amonetize.DW potentially unwanted application
7.0.302.0
F-Prot
W32/S-53544127
v6.4.7.1.166
G Data
Gen:Variant.Application.Jatif.320
15.7.25
Kaspersky
not-a-virus:Downloader.Win32.Agent
15.0.0.543
Malwarebytes
PUP.Optional.Amonetize
v2015.07.02.12
MicroWorld eScan
Gen:Variant.Application.Jatif.320
16.0.0.549
Norman
Gen:Variant.Application.Jatif.320
02.06.2015 14:23:46
Panda Antivirus
Trj/Genetic.gen
15.07.02.12
Quick Heal
PUA.Bershnetll.Gen
7.15.14.00
Sophos
PUA 'Amonetize'
5.15
VIPRE Antivirus
Amonetize
41630
File size:
1.4 MB (1,504,192 bytes)
Common path:
C:\users\{user}\downloads\windows+7+ultimate+32+portugues_10924_i26051978_il345.exe.zip
The file windows+7+ultimate+32+portugues_10924_i26051978_il345.exe.zip has been seen being distributed by the following URL.