home

SmileFiles.exe

SmileFiles Installer

Webitar Production Inc

The file SmileFiles.exe by Webitar Production Inc has been detected as adware by 6 anti-malware scanners. It is also typically executed from the user's temporary directory.
Publisher:
http://smile-files.com  (signed by Webitar Production Inc)

Product:
SmileFiles Installer

Version:
1, 0, 510, 1

MD5:
2ebec245f1cc44fdeb518f99046370e3

SHA-1:
2c82aee9f69cea79e8790aee18e2f357b2ebf6e0

SHA-256:
22cbbd939e5b27c3b12e8ba364f4026ef6a5a456cca445f1976497d161c24143

Scanner detections:
6 / 68

Status:
Adware

Analysis date:
4/26/2024 11:03:43 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

AVG
Generic
2016.0.3185

ESET NOD32
Win32/ExpressDownloader.K potentially unwanted application
7.0.302.0

K7 AntiVirus
Unwanted-Program
13.1915113

Reason Heuristics
PUP.Installer.WebitarProduction
15.2.27.20

Sophos
PUA 'Smile Files Downloader' (of type Adware)
5.11

VIPRE Antivirus
Threat.4657539
37788

File size:
3.3 MB (3,453,576 bytes)

Product version:
1.0.0.1

Copyright:
Copyright http://smile-files.com (C) 2014

Original file name:
SmileFiles.exe

Language:
English

Common path:
C:\users\{user}\appdata\local\temp\6rimscvqiz.tmp

Digital Signature
Signed by:
Webitar Production Inc

Authority:
DigiCert Inc

Valid from:
11/11/2014 11:00:00 AM

Valid to:
11/15/2017 11:00:00 PM

Subject:
CN=Webitar Production Inc, O=Webitar Production Inc, L=Mahe, C=SC

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F9F8704E151CAFCFEFEECFBBA733C63

File PE Metadata
Compilation timestamp:
1/24/2015 9:56:09 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
49152:OCQ0G8a8R4JFd/VViAC/BYNUU7ES+cy3zDKEUK8HCmH2GkWHZxfvjI27YJV06Tn4:OzxY4BCLU7Eb3f35mTkKvj7CVZbgd9

Entry address:
0x4B74D3

Entry point:
60, E8, 0C, D4, DB, FF, 8D, 64, 24, 48, 0F, 82, 0B, 00, 00, 00, 66, 0F, BD, C5, 08, E4, B8, 06, 00, 00, 00, E8, 3E, BA, CE, FF, D2, F0, F6, D0, F7, D6, 1C, C4, FE, C8, 01, FE, F6, D0, 88, 0C, 24, F3, A4, 5E, 8B, 74, 24, 3C, 86, C5, 8B, 4C, 24, 40, F6, D0, 9C, 8A, 47, FF, C6, 44, 24, 08, AC, 9C, E8, 10, A3, D5, FF, E4, E6, 4C, 80, 8E, 69, 36, 7B, C8, 5A, 37, 0F, E0, 27, F6, F8, 43, F0, 52, DB, D7, 6A, 58, FD, 7E, 51, A1, 3C, DF, DC, DD, C2, C0, A9, 39, CC, C6, 07, B8, 2E, 8C, 75, ED, 96, 82, FE, A4, B3, 13...
 
[+]

Entropy:
7.9944

Packer / compiler:
ASPack v1.08.04

Code size:
932 KB (954,368 bytes)

Remove SmileFiles.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.