» 42c3307aee70974c66d12bcff6df75fe.exe
Overview
Analysis
File Details

42c3307aee70974c66d12bcff6df75fe.exe

Supersoft

The application 42c3307aee70974c66d12bcff6df75fe.exe by Supersoft has been detected as adware by 19 anti-malware scanners.

File name:

Publisher:

Supersoft (signed and verified)

MD5:

42c3307aee70974c66d12bcff6df75fe

SHA-1:

6495e70eea5e36ac37c441f8d87a536da09fc295

SHA-256:

8376af3a6e9e1005d81e7d298f339264686b2aa092f97616e6adea1b446fa9c4

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

4/26/2024 4:38:47 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.1760079

915

AhnLab V3 Security

Trojan/Win32.Inject

2014.07.17

Avira AntiVirus

TR/Dropper.MSIL.66578

7.11.161.52

Bitdefender

Trojan.GenericKD.1760079

1.0.20.1080

Dr.Web

Trojan.PWS.Stealer.13090

9.0.1.0216

Emsisoft Anti-Malware

Trojan.MSIL.Injector

8.14.08.04.07

ESET NOD32

MSIL/Injector.EJD (variant)

8.10105

G Data

Trojan.GenericKD.1760079

14.8.24

IKARUS anti.virus

Trojan.MSIL.Injector

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.180.12733

Kaspersky

Trojan-PSW.Win32.Fareit

14.0.0.3458

Malwarebytes

Trojan.Inject

v2014.08.04.07

McAfee

Artemis!42C3307AEE70

5600.7049

MicroWorld eScan

Trojan.GenericKD.1760079

15.0.0.648

Panda Antivirus

Trj/CI.A

14.08.04.07

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Reason Heuristics

PUP.Supersoft.a

14.8.4.7

Sophos

Mal/Cleaman-B

4.98

Trend Micro House Call

Suspicious_GEN.F47V0714

7.2.216

File size:

417.2 KB (427,240 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\42c3307aee70974c66d12bcff6df75fe.exe

Digital Signature

Signed by:

Supersoft

Authority:

Supersoft

Valid from:

9/30/2012 10:26:38 AM

Valid to:

1/1/2040 12:59:59 AM

Subject:

CN=Supersoft

Issuer:

CN=Supersoft

Serial number:

6B50254A40C7CFB14A405056B8F04272

File PE Metadata

Compilation timestamp:

7/14/2014 12:02:24 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:JwTrPbx0ZW2G0EVbUkMIMJNAbfyo0SY7i:GTYJEKmwi

Entry address:

0x6874E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

410 KB (419,840 bytes)

Remove 42c3307aee70974c66d12bcff6df75fe.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.