dropinsavings.exe
DropinSavings
Fun Apps
This is part of a distribution package that is classified as adware distributed by 50onRed. This adware is used to interact with the installed web browsers and inject ads and modify the default search and homepages. The application dropinsavings.exe, “DropinSavings Installer” by Fun Apps has been detected as adware by 2 anti-malware scanners. The file has been seen being downloaded from get.srvdownload.com.
File name:
dropinsavings.exe
Publisher:
Innovative Apps (signed by Fun Apps)
Description:
DropinSavings Installer
MD5:
1d23a6682d88e43690664a1101f69e9c
SHA-1:
50c7de13b87b90d6829079ec6f92ac4e109b5d0c
SHA-256:
bb12bae3b2936d19967bc2418b0e7c9abf9be7e03a78601b2b688b3bd1406ed9
Scanner detections:
2 / 68
Analysis date:
4/18/2024 11:24:57 PM UTC (a few moments ago)
Scan engine
Detection
Engine version
Boost by Reason
Trojan.Adw.Installer.FunApps.N
2013.8.3.17
Reason Heuristics
PUP.Installer.FunApps.N
14.8.7.17
File size:
3.3 MB (3,449,392 bytes)
Copyright:
Copyright Innovative Apps
File type:
Executable application (Win32 EXE)
Language:
English (United States)
Common path:
C:\users\{user}\downloads\dropinsavings.exe
Valid from:
6/3/2013 5:00:00 PM
Valid to:
6/4/2014 4:59:59 PM
Subject:
CN=Fun Apps, O=Fun Apps, L=Philadelphia, S=Pennsylvania, C=US
Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
Serial number:
684B8CFA6A114F5EE6A8115E415BF20A
Compilation timestamp:
2/19/2012 7:01:49 AM
CTPH (ssdeep):
98304:BZoQQHMBQY6yuBLzJQdNiY5G2pegSQz3U:BZonMp6D1CYY5GKegSeE
Code size:
34.5 KB (35,328 bytes)
The file dropinsavings.exe has been seen being distributed by the following URL.