» 5ae6bcfaf768485b8075a2ef95281a93.exe
Overview
Analysis
File Details

5ae6bcfaf768485b8075a2ef95281a93.exe

5ae6bcfaf768485b8075a2ef95281a93

The application 5ae6bcfaf768485b8075a2ef95281a93.exe has been detected as a potentially unwanted program by 14 anti-malware scanners.

File name:

Product:

5ae6bcfaf768485b8075a2ef95281a93

Version:

1.0.0.86

MD5:

7736e43867fce004c946f34913ab07c6

SHA-1:

c0f283384f2144e848fb5cf8429f93c8b01a71c4

SHA-256:

2be673de321674546c2347c971861535ec7d14c9da06198b3d75011cf8aacffd

Scanner detections:

14 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 10:57:51 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.182184

671

AhnLab V3 Security

Adware/Win32.PicColor

2015.03.29

avast!

Win32:Adware-gen [Adw]

150320-0

AVG

Generic6

2016.0.3156

Baidu Antivirus

Adware.Win32.PicColor

4.0.3.15328

Bitdefender

Gen:Variant.Graftor.182184

1.0.20.470

Comodo Security

ApplicUnwnt

21637

Emsisoft Anti-Malware

Gen:Variant.Graftor.182184

8.15.04.04.02

ESET NOD32

Win32/Adware.PicColor.AA (variant)

9.11391

F-Secure

Gen:Variant.Graftor.182184

11.2015-04-04_7

G Data

Gen:Variant.Graftor.182184

15.4.25

MicroWorld eScan

Gen:Variant.Graftor.182184

16.0.0.282

NANO AntiVirus

Riskware.Win32.PicColor.dpxqrr

0.30.8.659

Reason Heuristics

Threat.Win.Reputation.IMP

15.4.4.14

File size:

309 KB (316,416 bytes)

Product version:

1.0.0.86

Original file name:

5ae6bcfaf768485b8075a2ef95281a93.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\ProgramData\5ae6bcfaf768485b8075a2ef95281a93\5ae6bcfaf768485b8075a2ef95281a93.exe

File PE Metadata

Compilation timestamp:

3/27/2015 4:58:04 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

6144:MBieHTQ++F2PqbKw2Z8ew/JCqrMkwDbiYl2KheZN:GP4QPDXwYqr7eiQj6N

Entry address:

0x20E30

Entry point:

E8, CD, A0, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 74, 10, 8B, 55, 0C, 85, D2, 74, 09, 8B, 4D, 10, 85, C9, 75, 16, 88, 0E, E8, C2, 52, 00, 00, 6A, 16, 5E, 89, 30, E8, 81, A3, 00, 00, 8B, C6, 5E, 5D, C3, 57, 8B, FE, 2B, F9, 8A, 01, 88, 04, 0F, 41, 84, C0, 74, 03, 4A, 75, F3, 5F, 85, D2, 75, 0B, 88, 16, E8, 95, 52, 00, 00, 6A, 22, EB, D1, 33, C0, EB, D7, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, DC, 43, 45, 00, FF, 15, 7C, C0, 43, 00, 85, C0, 75, 18, 56, E8, 69... 
[+]

Code size:

233.5 KB (239,104 bytes)

Remove 5ae6bcfaf768485b8075a2ef95281a93.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.