home

www_launch-download_com

The file www_launch-download_com has been detected as a potentially unwanted program by 39 anti-malware scanners. It bundles adware offers using the Amonetize, a Pay-Per-Install (PPI) monetization and distribution download manager. The software offerings provided are based on the PC's geo-location at the time of install.
MD5:
a11ece207e646a1fff20bbc3e258a90b

SHA-1:
ad3f0104263d26a5716319611bb2520d3a415036

SHA-256:
f73837ca42e3e78d555264e21541331eb8e004c881f51466a154b618f073155c

Scanner detections:
39 / 68

Status:
Potentially unwanted

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/26/2024 6:16:26 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.2010607
735

Agnitum Outpost
Win32.Virut.AB.Gen
7.1.1

AhnLab V3 Security
Win32/Virut.F
2014.12.06

Avira AntiVirus
W32/Virut.Gen
7.11.30.172

avast!
Win32:Amonetize-GR [PUP]
150129-1

AVG
Adware Generic_r.YL
2014.0.4257

Baidu Antivirus
Virus.Win32.Virut.$NBP
4.0.3.15131

Bitdefender
Win32.Virtob.Gen.12
1.0.20.155

Bkav FE
W32.HfsAutoA
1.3.0.6267

Dr.Web
Win32.Virut.56
9.0.1.031

Emsisoft Anti-Malware
Trojan.GenericKD.2010607
8.15.01.31.07

ESET NOD32
Win32/Amonetize.CH potentially unwanted application
7.0.302.0

Fortinet FortiGate
W32/Virut.CE
1/31/2015

F-Prot
W32/Virut.E.gen
v6.4.6.5.141

F-Secure
Trojan.GenericKD.2010607
11.2015-31-01_7

G Data
Win32.Virtob.Gen.12
15.1.24

IKARUS anti.virus
Virus.Win32.Virut
t3scan.1.8.5.0

K7 AntiVirus
Virus
13.186.14254

Kaspersky
Trojan-Downloader.Win32.Agent
14.0.0.2558

Malwarebytes
PUP.Optional.Amonetize
v2015.01.31.07

McAfee
W32/Virut.n.gen
5600.6869

Microsoft Security Essentials
Threat.Undefined
1.189.1447.0

MicroWorld eScan
Win32.Virtob.Gen.12
16.0.0.93

NANO AntiVirus
Virus.Win32.Virut.hpeg
0.28.6.63850

Norman
Gen:Variant.Graftor.166062
11.20150131

nProtect
Virus/W32.Virut.Gen
14.12.05.01

Panda Antivirus
W32/Sality.AO
15.01.31.07

Qihoo 360 Security
Virus.Win32.Virut.M
1.0.0.1015

Quick Heal
W32.Virut.G
1.15.14.00

Reason Heuristics
Threat.Win.Reputation.IMP
15.1.31.7

Rising Antivirus
PE:Win32.Virut.ec!1608462
23.00.65.15129

Sophos
Virus 'W32/Scribble-B'
58

Total Defense
Win32/Virut.17408
37.0.11316

Trend Micro House Call
PE_VIRUX.R
7.2.31

Trend Micro
PE_VIRUX.R
10.465.31

Vba32 AntiVirus
Virus.Virut.14
3.12.26.3

VIPRE Antivirus
Threat.4739697
35418

ViRobot
Win32.Virut.AM[h]
2014.3.20.0

Zillya! Antivirus
Virus.Virut.Win32.1938
2.0.0.1999

File size:
218.9 KB (224,169 bytes)

Common path:
C:\users\{user}\appdata\roaming\idm\dwnldata\??? ????\www_launch-download_com_2506\www_launch-download_com

File PE Metadata
Compilation timestamp:
12/2/2014 12:34:18 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:0E+QOY7cxefuiT4Cui6QZRghZBeFsnRd2:t+QO2iSuC4JXQZRghZ0snH2

Entry address:
0xDA44

Entry point:
E8, 78, 78, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 7C, FF, 38, 00, FF, 15, C4, 70, 38, 00, 85, C0, 75, 18, 56, E8, 8D, 2F, 00, 00, 8B, F0, FF, 15, 24, 70, 38, 00, 50, E8, 3D, 2F, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, B0, E2, FF, FF, C7, 06, 1C, 7C, 38, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 1C, 7C, 38, 00, E9, F4, E2, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 1C, 7C, 38, 00, E8, E1, E2, FF, FF...
 
[+]

Entropy:
6.8018

Code size:
150.5 KB (154,112 bytes)

Remove www_launch-download_com - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.