yet_another_cleaner_sk.exe

YAC Security Protection

Elex do Brasil Participações Ltda

The application yet_another_cleaner_sk.exe by Elex do Brasil Participações has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen downloaded from www.yac.mx and multiple other hosts.
Publisher:
Elex do Brasil Participações Ltda  (signed and verified)

Product:
YAC Security Protection

Description:
Setup

Version:
5.6.105.19081

MD5:
cc65d4efbf70f21579a3d2270dbf19e3

SHA-1:
0f7e3153bbc1b3e998801127eb4b2ce0b46f8475

SHA-256:
4fb3f80ebb17f652dae6a704538c7ab0168618318054962d36e0cef3d5b93a95

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 9:58:06 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Optional.Installer.W

Engine version:
14.11.20.13

File size:
14.6 MB (15,281,584 bytes)

Product version:
5.6.105.19081

Copyright:
Copyright (c) 2011-2014 Elex do Brasil Participações Ltda

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\yet_another_cleaner_sk.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
6/22/2014 7:00:00 PM

Valid to:
6/20/2015 6:59:59 PM

Subject:
CN=Elex do Brasil Participações Ltda, O=Elex do Brasil Participações Ltda, L=São Paulo, S=São Paulo, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5C6950D0A05A1CD63164D1E1EB1FFB8A

File PE Metadata
Compilation timestamp:
11/20/2014 3:25:26 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
393216:xWeWWXiNiNGRkPLaras9Yum+R4j58zKt8nnGCR:AWXxJLarLYfqzKmnnGCR

Entry address:
0x3F292

Entry point:
E8, 9E, 1A, 01, 00, E9, 39, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, 3C, F5, 70, 19, 48, 00, 00, 75, 13, 56, E8, 91, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 11, E8, AD, 88, 00, 00, 59, FF, 34, F5, 70, 19, 48, 00, FF, 15, 94, D1, 46, 00, 5E, 5D, C3, E8, 3E, 29, 00, 00, 85, C0, 75, 0B, FF, 74, 24, 04, 50, FF, 15, 50, D2, 46, 00, 68, FF, 00, 00, 00, E8, 58, 87, 00, 00, 59, C3, 56, 57, BE, 70, 19, 48, 00, 8B, FE, 53, 8B, 1F, 85, DB, 74, 17, 83, 7F, 04, 01, 74, 11, 53, FF, 15, A4, D0, 46, 00, 53, E8, 8F, BE, FF...
 

Entropy:
7.8989  (probably packed)

Code size:
431.5 KB (441,856 bytes)

The file yet_another_cleaner_sk.exe has been seen being distributed by the following 20 URLs.
