» {6226a2eb-4a39-5f6b-e7fd-40b6f3ba201e}-2929850958560043832e.exe
Overview
Analysis
File Details

{6226a2eb-4a39-5f6b-e7fd-40b6f3ba201e}-2929850958560043832e.exe

The application {6226a2eb-4a39-5f6b-e7fd-40b6f3ba201e}-2929850958560043832e.exe has been detected as a potentially unwanted program by 17 anti-malware scanners. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

MD5:

63761c8c13baad7cf7a5f738a81046af

SHA-1:

714b8d9cf3843bfec37b91b63f34ea77dbe95ef1

SHA-256:

d4ff9b34d4a1c10291baefe324c09076494cf832d8ae8d23e00316f6e479796f

Scanner detections:

17 / 68

Status:

Potentially unwanted

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/26/2024 12:27:34 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.MultiPlug.18

5800457

Avira AntiVirus

TR/Crypt.XPACK.Gen

7.11.30.172

Arcabit

Trojan.Adware.MultiPlug.18

1.0.0.425

AVG

Generic6

2016.0.3001

Bitdefender

Gen:Variant.Adware.MultiPlug.18

1.0.20.1210

Dr.Web

Trojan.Crossrider1.45643

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Adware.MultiPlug.18

10.0.0.5366

F-Prot

W32/S-9bc3f09a

v6.4.7.1.166

F-Secure

Gen:Variant.Adware.MultiPlug

5.14.151

G Data

Gen:Variant.Adware.MultiPlug.18

15.8.25

Kaspersky

not-a-virus:HEUR:AdWare.Win32.MultiPlug

14.0.0.1501

McAfee

Program.MultiPlug

18.0.204.0

MicroWorld eScan

Gen:Variant.Adware.MultiPlug.18

16.0.0.726

NANO AntiVirus

Riskware.Win32.MultiPlug.duqyfz

0.30.24.3283

Norman

Gen:Variant.Adware.MultiPlug.18

04.08.2015 10:30:46

Sophos

PUA 'MultiPlug' (of type Adware)

5.15

Vba32 AntiVirus

Heur.Malware-Cryptor.Multiplug

3.12.26.4

File size:

382 KB (391,168 bytes)

File type:

Executable application (Win64 EXE)

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

6144:9kYJ9vsjiVwurFgTYpV5/a83xZqFFt8dQZSyzQMR+zdT0n20LTJlVWBMb:9kw90ggTYX5/pHqvQQZ0MAzdTcwW

Entry point:

B2, A5, 6F, FF, FC, FF, FF, FF, FB, FF, FF, FF, 00, 00, FF, FF, 47, FF, FF, FF, FF, FF, FF, FF, BF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, 0F, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF... 
[+]

Entropy:

6.6585

Remove {6226a2eb-4a39-5f6b-e7fd-40b6f3ba201e}-2929850958560043832e.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.