yet_another_cleaner.exe

Downloader

Elex do Brasil Participações Ltda

The application yet_another_cleaner.exe by Elex do Brasil Participações Ltda has been detected as a potentially unwanted program by 17 anti-malware scanners. This is a setup program used to install the application. The file has been seen being downloaded from adm.soft365.com and multiple other hosts.
Publisher:
Elex do Brasil Participações Ltda  (signed and verified)

Product:
Downloader

Version:
2.8.1.1

MD5:
7f88e1a27502432d095ded9360cd7e58

SHA-1:
bf1946c79f15ee9e6f62e7a807607ab07c9d4870

SHA-256:
ded76de3ecba0b626a0071db8918a8d9e64ee97c37e8bdc88f2e7f74a220c55e

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 11:45:51 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | ADWARE/Adware.Gen2 | 7.11.124.148
avast! | Win32:Rootkit-gen [Rtk] | 2014.9-140217
Bkav FE | W32.Clode48.Trojan | 1.3.0.4613
Emsisoft Anti-Malware | Gen:Variant.Jaik.462 | 8.14.02.17.05
ESET NOD32 | Win32/ELEX (variant) | 8.9275
Fortinet FortiGate | Riskware/Elex | 2/17/2014
IKARUS anti.virus | Trojan-Dropper | t3scan.2.2.29
K7 AntiVirus | Unwanted-Program | 13.174.10469
Malwarebytes | PUP.Optional.Elex | v2014.02.17.05
McAfee | Artemis!0EA734BCCED8 | 5600.7217
NANO AntiVirus | Trojan.Win32..crdmoj | 0.28.0.57029
Reason Heuristics | PUP.ElexdoBrasilParticipacoesa.T | 14.3.18.15
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D | 23.00.65.14316
Sophos | Elex | 4.95
Total Defense | Win32/Tnega.KYMYOTC | 37.0.10498
Trend Micro House Call | TROJ_GEN.F47V1222 | 7.2.1
Vba32 AntiVirus | Downloader.Elex | 3.12.24.3

File size:
882.6 KB (903,832 bytes)

Product version:
2.8.1.1

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\yet_another_cleaner.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
9/24/2013 11:46:21 AM

Valid to:
8/17/2014 2:28:53 PM

Subject:
CN=Elex do Brasil Participações Ltda, O=Elex do Brasil Participações Ltda, L=Consolação, S=São Paulo, C=BR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11215F51916F2BB9F54E82871FEA88CE8F5E

File PE Metadata
Compilation timestamp:
11/13/2013 10:20:27 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:QqUt0/of3L1An4zFleJauSc+W+ZMDbojuP:eOKhrlnunWXe

Entry address:
0xFD70

Entry point:
E8, 8D, 75, 00, 00, E9, 39, FE, FF, FF, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE...
 
Entropy:
7.6010

Code size:
176 KB (180,224 bytes)

The file yet_another_cleaner.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 175 download URLs
