{"id":4027,"date":"2015-01-21T19:56:08","date_gmt":"2015-01-21T19:56:08","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=4027"},"modified":"2018-05-29T12:01:02","modified_gmt":"2018-05-29T12:01:02","slug":"mari-mara-20-detection-rate-pup-optional-maru-outbrowse-revenyou","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/mari-mara-20-detection-rate-pup-optional-maru-outbrowse-revenyou\/","title":{"rendered":"Mari Mara – 20% Detection Rate – PUP.Optional.Maru \/ OutBrowse Revenyou"},"content":{"rendered":"

Hello! Just wanted to let you know about a publisher called Mari Mara<\/strong>\u00a0that I found earlier today. Here’s how the UAC dialog looks like when running the file:<\/p>\n

\"Mari<\/a><\/p>\n

You can also check the digital signature under the file’s properties. According to the certificate we can see that Mari Mara appears to be located in Dublin, Ireland and that the certificate is issued by GlobalSign CodeSigning CA – G2.<\/p>\n

\"Mari<\/a><\/p>\n

The VirusTotal<\/a> report shows that the Mari Mara file should probably be avoided, since setup.exe is detected as Win-PUP\/OutBrowse<\/strong> by AhnLab-V3, Mari.668<\/strong> by AVG, PUA.OutBrowse<\/strong> by Ikarus, PUP.Optional.Maru<\/strong> by Malwarebytes and OutBrowse Revenyou<\/strong> by Sophos.<\/p>\n

\"Mari<\/a><\/p>\n

Did you also find a Mari Mara file? What kind of download was it? If you remember the download link, please post it in the comments below.<\/p>\n

Thank you for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Hello! Just wanted to let you know about a publisher called Mari Mara\u00a0that I found earlier today. Here’s how the UAC dialog looks like when running the file: You can also check the digital signature under the file’s properties. According to the certificate we can see that Mari Mara appears to be located in Dublin, … Continue reading Mari Mara – 20% Detection Rate – PUP.Optional.Maru \/ OutBrowse Revenyou<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[54],"tags":[370,369,172],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/4027"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=4027"}],"version-history":[{"count":1,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/4027\/revisions"}],"predecessor-version":[{"id":4031,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/4027\/revisions\/4031"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=4027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=4027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=4027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}