1stbrowser.exe

1stBrowser

SIEN SA

The application 1stbrowser.exe by SIEN SA has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a scheduled task named 1stbrowser under the Windows Task Scheduler. This file is typically installed with the program 1stBrowser by Sien S.A.

Publisher:
The 1stBrowser Authors (signed by SIEN SA)

Product:
1stBrowser

Version:
45.0.2454.152

MD5:
2c013799389d05db100163d30214ad1e

SHA-1:
d7a4b0fda5cdeb4faa7b6b750c6746cca3e8439a

SHA-256:
1b3dcd323f3516745953c05104470abac8b2103bc79282942e6756e324172e46

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/19/2024 8:56:36 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Sien.SIENSA (M)

Engine version:
16.3.15.17

File size:
851.6 KB (872,056 bytes)

Product version:
45.0.2454.152

Copyright:
Copyright 2015 The 1stBrowser Authors. All rights reserved.

Original file name:
chrome.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\1stbrowser\application\1stbrowser.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
9/14/2015 9:05:56 AM

Valid to:
9/14/2016 9:05:56 AM

Subject:
CN=SIEN SA, O=SIEN SA, L=Paris, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11213DB3C4AD369B17F720086E1BBB7BB700

File PE Metadata
Compilation timestamp:
3/10/2016 7:24:45 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:VnOIk3qgaJ69NFCF4v/55uIXEIq6itf3vfYW0BsvHCvcAwTiU46PqBU++UHOxY6b:Vnc3v0vfYs1TY6PSesNA

Entry address:
0x42A44

Entry point:
E8, 10, 96, 00, 00, E9, 7F, FE, FF, FF, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, 55, 8B, EC, 83, EC, 14, 53, 56, 33, DB, 57, 8B, 7D, 08, 89, 5D, F8, 89, 5D, F4, 89, 5D, FC, 85, FF, 75, 18, E8, F0, 13, 00, 00, 6A, 16, 5E, 89, 30, E8, EB, D0, FF, FF, 8B, C6, 5F, 5E, 5B, 8B, E5, 5D, C3, 6A, 24, 68, FF, 00, 00, 00, 57, E8, 1C, FA, FF, FF...

Code size:
367.5 KB (376,320 bytes)

Scheduled Task
Task name:
1stbrowser

Trigger:
Registration (Runs on registration)


The file 1stbrowser.exe has been discovered within the following programs.

1stBrowser by Sien S.A.
About 3% of users remove it

The executing file has been seen to make the following network communications in live environments.

