home

64172.malware

uninst_pcsupporter

Akorea

The file 64172.malware by Akorea has been detected as adware by 29 anti-malware scanners.
Publisher:
Akorea  (signed and verified)

Product:
uninst_pcsupporter

Description:
uninstaller

Version:
1, 0, 0, 1

MD5:
26a62719363c5594daeecb238e785e9e

SHA-1:
1b2ec6c18e4e63f7aa8f3bb2a40fe0e69114eacd

SHA-256:
b954b03dabc4f90200be2fedcebf899c0e5d5f33d74eee952933e7987f1d85a2

Scanner detections:
29 / 68

Status:
Adware

Analysis date:
4/24/2024 12:07:35 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.GenericKD.1454310
830

Agnitum Outpost
FraudTool.Onescan
7.1.1

AhnLab V3 Security
PUP/Win32.PowerBoan
2014.06.11

Avira AntiVirus
TR/Symmi.31506.80
7.11.154.60

avast!
Win32:Adware-AZQ [Adw]
2014.9-141028

Bitdefender
Trojan.GenericKD.1454310
1.0.20.1505

Bkav FE
W32.Clod468.Trojan
1.3.0.4959

Comodo Security
UnclassifiedMalware
18503

Dr.Web
Trojan.Fakealert.46576
9.0.1.0301

Emsisoft Anti-Malware
Trojan.GenericKD.1454310
8.14.10.28.03

ESET NOD32
Win32/AdWare.Kraddare.KG (variant)
8.9924

Fortinet FortiGate
W32/FRAUDL.SMMI!tr
10/28/2014

F-Secure
Trojan.GenericKD.1454310
11.2014-28-10_3

G Data
Trojan.GenericKD.1454310
14.10.24

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.6.1.0

K7 AntiVirus
Adware
13.1712358

Kaspersky
Trojan-FakeAV.Win32.Onescan
14.0.0.3034

Malwarebytes
Rogue.PCSupporter
v2014.10.28.03

McAfee
Artemis!26A62719363C
5600.6964

MicroWorld eScan
Trojan.GenericKD.1454310
15.0.0.903

Norman
FakeAV.CSSA
11.20141028

nProtect
Trojan.GenericKD.1454310
14.06.10.01

Panda Antivirus
Trj/Genetic.gen
14.10.28.03

Qihoo 360 Security
HEUR/Malware.QVM01.Gen
1.0.0.1015

Reason Heuristics
PUP.Installer.Akorea.M
14.10.28.3

SUPERAntiSpyware
Trojan.Agent/Gen-FraudScan
10273

Trend Micro House Call
TROJ_FRAUDL.SMMI
7.2.301

Trend Micro
TROJ_FRAUDL.SMMI
10.465.28

VIPRE Antivirus
Trojan.Win32.Generic
30168

File size:
163.5 KB (167,448 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2013 AKorea All rights reserved.

Original file name:
uninst_pcsupporter.exe

Digital Signature
Signed by:
Akorea

Authority:
Thawte, Inc.

Valid from:
6/28/2013 9:00:00 AM

Valid to:
7/29/2014 8:59:59 AM

Subject:
CN=Akorea, O=Akorea, L=Haeundae-gu, S=BUSAN, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
47808D51BD832E4E938DE40E8ABCFACB

File PE Metadata
Compilation timestamp:
10/22/2013 10:56:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:IEEhk7wKbdU4XvQkU3Ztq76wC50c5/+EG2LnMULuadfXADUpB46:97hU4XvhU3fE6w00K/+8MULlJ5pBJ

Entry address:
0xBFAB0

Entry point:
60, BE, 00, A0, 49, 00, 8D, BE, 00, 70, F6, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.8714

Packer / compiler:
UPX 2.90LZMA

Code size:
152 KB (155,648 bytes)

Remove 64172.malware - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.