Home / malware SoftwareBundler:Win32/FileTour
First posted on 15 February 2019.
Source: MicrosoftAliases :
There are no other names known for SoftwareBundler:Win32/FileTour.
Explanation :
Installation
We have seen this application downloaded as:
Crack_autocad_2013_32_bit_xforce_225958355-.zip KMSAuto_Net_2016_1.5.0_225507261-.exe Programa_para_desbloquear_celular_wickings_226069253-.zip TerrariaRus_Steam_1.3.4.4_226098949-.exe
This application offers to download torrent files such as:
22_GTA_4_Complete.torrent Fei_ Legenda o chudovische _ 2014.torrent Molodezhka 2 sezon (1-20,21 seriya) 2014.torrent The_SIMS_4.torrent
It can be digitally signed by the following vendors:
INTIS OOO-START-SERVIS PLC-INTELKOM POLIKOPIR SpecKomServis Payload
Installs other programs
We have seen this application install other software on your PC. Some of these applications might be bundled during the installation process and are not intended to be installed. We have seen it installing programs such as:
Amigo web browser Opera web browser Sputnik.Mail.Ru
Connects to a remote host
We have seen this softwarebundler connect to domains such as:
amigobin.cdnmail.ru azhachkeev.ru ec2-54-171-194-186.eu-west-1.compute.amazonaws.com edstak.com love-torrent.ru relizua.com torrent-igruha.net sputnikmailru.cdnmail.ru zona-film.com
For example:
hxxp://amigobin.cdnmail.ru/AmigoDistrib.exe hxxp://www.edstak.com/engine/download.php?id=18406 hxxp://sputnikmailru.cdnmail.ru/mailruhomesearchvbm.exe hxxp://www.zona-film.com/engine/download.php?id=18406Last update 15 February 2019
