» cd rodolfo abrantes ao vivo 2010 cds grtis.zip.exe
Overview
Analysis
File Details

cd rodolfo abrantes ao vivo 2010 cds grtis.zip.exe

Project1

MIDIA TECHNOLOGIES LLC

The application cd rodolfo abrantes ao vivo 2010 cds grtis.zip.exe by MIDIA TECHNOLOGIES has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Midia Downloader installer.

File name:

Publisher:

Dunha (signed by MIDIA TECHNOLOGIES LLC)

Product:

Project1

Version:

1.00.0002

MD5:

23cea3e29a2c11605ed7156ea4989539

SHA-1:

ff92d683c73c84e277d53b3c7fa56ce49fbca92a

SHA-256:

4f8c25a81631fe060a2e083acd5c3acaecd5bdd70d9d24b3d92c8312d9334035

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:

This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:

10/14/2025 1:15:45 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Midia Technologies.MIDIATEC.Bundler (M)

16.5.21.22

File size:

58.1 KB (59,472 bytes)

Product version:

1.00.0002

Original file name:

kiko.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Midia Downloader

Language:

English (United States)

Common path:

C:\users\{user}\downloads\cd rodolfo abrantes ao vivo 2010 cds grtis.zip.exe

Digital Signature

Signed by:

MIDIA TECHNOLOGIES LLC

Authority:

GoDaddy.com, Inc.

Valid from:

8/20/2014 10:09:01 AM

Valid to:

4/11/2015 3:45:06 PM

Subject:

CN=MIDIA TECHNOLOGIES LLC, O=MIDIA TECHNOLOGIES LLC, L=Lewes, S=Delaware, C=US

Issuer:

CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

0438151C206DBB

File PE Metadata

Compilation timestamp:

8/20/2014 9:44:01 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

768:/EQTWNFlZaDbK0NFlZaDb4RYyMP2+PI53CS1QSanJt2a5ev2Tc0:/ELaDbxaDb4RoOY0CWATc

Entry address:

0x1298

Entry point:

68, B0, 91, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 53, 4A, 12, F4, E6, F1, 7A, 4A, A1, 41, 98, 3F, 70, 8A, A6, BF, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 36, 5C, 46, 6F, 72, 6D, 6F, 66, 66, 00, 6D, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 0B, 75, EF, A0, EF, 28, 05, 2A, 49, 88, 69, 04, D9, 48, DF, 32, 46, 36, B9, 5C, 4C, 72, 74, CE, 48, AC, 11, 6C, AB, AB, EE, 6A, D2, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual Basic v5.0/v6.0

Code size:

44 KB (45,056 bytes)

Remove cd rodolfo abrantes ao vivo 2010 cds grtis.zip.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.