» 스펠러.exe
Overview
Analysis
File Details

스펠러.exe

GJ Networks

The application 스펠러.exe by GJ Networks has been detected as a potentially unwanted program by 23 anti-malware scanners.

File name:

스펠러.exe

Publisher:

GJ Networks (signed and verified)

MD5:

77afeb8613b3b1084654c733bf6fdadc

SHA-1:

6c6900ceb34e5ed39e58e94422b7d22d26223402

SHA-256:

70500e3109abe455b82624f45e52b45df4ea1bc4c0519efd1235060a67e62363

Scanner detections:

23 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 7:54:35 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Adware.Kraddare

7.1.1

AhnLab V3 Security

PUP/Win32.Speller

2013.07.03

Avira AntiVirus

Adware/Rogue.483096.9

7.11.88.108

avast!

Win32:Adware-APC [PUP]

2014.9-140428

Bitdefender

Dropped:Application.Generic.532921

1.0.20.590

Comodo Security

Heur.Suspicious

16536

Dr.Web

Trojan.StartPage.46510

9.0.1.0118

Emsisoft Anti-Malware

Dropped:Application.Generic.532921

8.14.04.28.02

ESET NOD32

Win32/Adware.Kraddare.FJ (variant)

8.8518

Fortinet FortiGate

Riskware/Kraddare

4/28/2014

G Data

Dropped:Application.Generic.532921

14.4.22

IKARUS anti.virus

Win32.AdWare

t3scan.2.0.3.0

Malwarebytes

Adware.KorAd

v2014.04.28.02

McAfee

Artemis!77AFEB8613B3

5600.7147

NANO AntiVirus

Trojan.Win32.Kraddare.xohrj

0.24.0.53304

nProtect

Adware/W32.KrAdword.483096

13.07.03.01

Panda Antivirus

Trj/Genetic.gen

14.04.28.02

Reason Heuristics

PUP.GJNetworks.D

14.4.28.2

SUPERAntiSpyware

Trojan.Agent/Gen-Rogue

10639

Trend Micro House Call

ADW_KRADARE

7.2.118

Trend Micro

ADW_KRADARE

10.465.28

VIPRE Antivirus

Trojan.Win32.Generic

19250

ViRobot

Adware.Speller.483096.A

2011.4.7.4223

File size:

471.8 KB (483,096 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

GJ Networks

Authority:

Thawte, Inc.

Valid from:

12/12/2011 9:00:00 AM

Valid to:

12/12/2013 8:59:59 AM

Subject:

CN=GJ Networks, O=GJ Networks, L=Dongjak-gu, S=Seoul, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3F796579DD55F89DFE34DF13DCBF595F

File PE Metadata

Compilation timestamp:

8/6/2012 3:50:02 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:dYXGv9Ejrhe13A2NIBykMZVoYzvQOsyap/tP:eWOro13A2iykMZxzvQ9R

Entry address:

0xB123

Entry point:

E8, 7E, 20, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 4D, 03, 00, 00, 3B, 0D, 7C, D1, 41, 00, 75, 02, F3, C3, E9, F5, 20, 00, 00, 8B, FF, 55, 8B, EC, 56, 8B, 75, 14, 57, 33, FF, 3B, F7, 75, 04, 33, C0, EB, 65, 39, 7D, 08, 75, 1B, E8, EF, 26, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 78, 26, 00, 00, 83, C4, 14, 8B, C6, EB, 45, 39, 7D, 10, 74, 16, 39, 75, 0C, 72, 11, 56, FF, 75, 10, FF, 75, 08, E8, BF, 21, 00, 00, 83, C4, 0C, EB, C1, FF, 75, 0C, 57, FF, 75, 08, E8, DE, 0A, 00, 00, 83... 
[+]

Entropy:

7.7498 (probably packed)

Code size:

88 KB (90,112 bytes)

Remove 스펠러.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.