home

retro youtube simulator-0.1.0.exe

Gesamubosi

Parsec Media S.L.

The application retro youtube simulator-0.1.0.exe, “Gesamubosi Setup ” by Parsec Media S.L has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from www.senddeliveryshare.com.
Publisher:
Parsec Media S.L.  (signed and verified)

Product:
Gesamubosi

Description:
Gesamubosi Setup

MD5:
41e4afa700f35da929baf3d38bf4be25

SHA-1:
41336a19286ed7d978a17b74874a58951fb53f10

SHA-256:
f158184e276e67be2f14da83b1aecc1af2a5206625a590ef0ae2c9b75b0ef923

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/23/2024 5:46:00 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore (M)
17.3.4.9

File size:
1.2 MB (1,259,512 bytes)

Product version:
2.4.8

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\retro youtube simulator-0.1.0.exe

Digital Signature
Signed by:
Parsec Media S.L.

Authority:
GlobalSign nv-sa

Valid from:
1/20/2016 5:02:38 PM

Valid to:
1/20/2017 5:02:38 PM

Subject:
CN=Parsec Media S.L., O=Parsec Media S.L., S=Barcelona, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121664972E6D57B8AC3433073871EDF1FEA

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xAA98

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 2E, 86, FF, FF, E8, 35, 98, FF, FF, E8, 9C, 9B, FF, FF, E8, B7, 9F, FF, FF, E8, 56, BF, FF, FF, E8, ED, E8, FF, FF, E8, 54, EA, FF, FF, 33, C0, 55, 68, 69, B1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 32, B1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, D0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, C2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, 24, 93, FF, FF, 8D, 55, F0, 33, C0, E8, 66, C5, FF, FF, 8B, 55...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
40.5 KB (41,472 bytes)

The file retro youtube simulator-0.1.0.exe has been seen being distributed by the following URL.

http://www.senddeliveryshare.com/1vhZk0cuysPF0 p1HmhxqLj8oCQo7r5DW483lp1zNicsYtexmjCSG Rv1azXVR8ry8UmRa4KiA2TAyP06aQBEntM0U8PbtLK0ldiqbAWQKf2oWiaNZdE2MijpW9Z_QBpX77lL tt3qovqQAzZX_Vop8pQezZto4w3xIGmkhDqmeA45yIO3iHOUQTN40bgnE0_sFTFvmoDxDTxRdZkJSOMLHvWnxvk6lZHR8NqSmw Uc9H2zM4fcfQtwU7RrGMZihM8S1knYUEqijosBGBvw4UauoTBqsnUik2RUul43Hz6g5Zlbo4DDjUpruQSnBJQLxP j3q7M8jjXnIK93Y_40qBygRx3M5lAh2Wh7K4DmlXISLuaWtHFBh3lLXG8iJQY9FcLjzgpt7cz6oSa7hdaEejnUIdn UaSRVFdg0nJxqg3tPD9l9iGNci_1VCh7ZtUcAZqe 46bLwwqnuyp_Gtv8T7iNSQbv9GTBxsJMpbNEpmT7mTmPnc=-G1cAAMTauU1GT5bFjsX46pKir eLUw5Yqy1JAzv4QeR3HBONnaTIb6yRF vkS87xUYAO1HxnPrih4Km4FLvYBuRf17HNTzR0sWYDsiF8AA==

Remove retro youtube simulator-0.1.0.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.