Jump to content


Photo

amonetize / installer.exe /spyware.banker.GEN undetected version?


  • This topic is locked This topic is locked
3 replies to this topic

#1 ribbles

ribbles

    New Member

  • Members
  • Pip
  • 3 posts

Posted 07 February 2013 - 10:18 PM

Hi I registered to report this file that was bundled with Super MEdia file encoder.

MalwareBytes caught 4 other versions of this file while I was trying to install and labelled it Spyware.Banker.GEN. To me it appears to be some program from a company called "Amonetize" that pays people to get it installed on peopels computer and I have no idea what it does. Either way it can't be good.

This one appears to be a NEW version that is not caught by anything.
SHA256: 40050e8481c00a546efb529d19b38677cfc0a2ee2d3c54f0127826c723fc505f
SHA1: ad020a96e5d6c9c96a8c327bd36a3e0584a0b5ab
MD5: c80d3b60e0d0647cb65ff1b884c7f5cc
File size: 147.3 KB ( 150880 bytes )
File name: Launcher.exe
File type: Win32 EXE
Detection ratio: 0 / 45
Analysis date: 2013-02-08 03:03:21 UTC ( 0 minutes ago )


I found a textfile on my computer that seems to enumerate all the programs in my temp directory which is where it was along with the ones that got caught. I think this generated by some anti-virus program I try, not sure which.

The bolded one is the one I uploaded here, which is the one that was not caught, seems to be a newer version # then the other ones that were caught.



8C:\Users\xxxx\AppData\Local\Temp\is-02RO0.tmpB__1257.exeèˆ *Amonetize ltd.2J
Installer1.1.2.8 Amonetize" Installer* Launcher.exe21.1.2.8:1.1.2.8
™
7C:\Users\xxxxx\AppData\Local\Temp\is-471IV.21B__1257.exeèˆ *Amonetize ltd.2J
Installer1.1.2.8 Amonetize" Installer* Launcher.exe21.1.2.8:1.1.2.8
š
5C:\Users\xxxxx\AppData\Local\Temp\is-471IV.21__100.exeàš *WhiteSmoke Inc2M
Installer1.1.3.71 Amonetize" Installer* Launcher.exe21.1.3.71:1.1.3.71

™
7C:\Users\xxxxxx\AppData\Local\Temp\is-4CIQ1.21B__1257.exeèˆ *Amonetize ltd.2J
Installer1.1.2.8 Amonetize" Installer* Launcher.exe21.1.2.8:1.1.2.8
™
7C:\Users\xxxxxx\AppData\Local\Temp\is-6SAEU.21B__1257.exeèˆ *Amonetize ltd.2J
Installer1.1.2.8 Amonetize" Installer* Launcher.exe21.1.2.8:1.1.2.8
š
8C:\Users\xxxxxx\AppData\Local\Temp\is-MAN3A.tmpB__1257.exeèˆ *Amonetize ltd.2J
Installer1.1.2.8 Amonetize" Installer* Launcher.exe21.1.2.8:1.1.2.8

Attached Files



#2 ribbles

ribbles

    New Member

  • Members
  • Pip
  • 3 posts

Posted 07 February 2013 - 10:22 PM

woops i may have inadvetantly exposed my name in the last filepath there can a moderator please remove that, thanks.....

#3 ribbles

ribbles

    New Member

  • Members
  • Pip
  • 3 posts

Posted 07 February 2013 - 10:32 PM

oh and i got it from either one of these 2 URLs I am not sure which sorry

http://www.videohelp...exe?r=vFJNfVJvq

http://www.erightsof...?SUPERsetup.exe

#4 sUBs

sUBs

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 8,317 posts

Posted 07 February 2013 - 10:47 PM

Thank you for your help. Attached file will be verified.
sUBs
Research Engineer

Posted Image

Follow us: Twitter, Become a fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users