80e8d410-b2f7-435c-82bd-72d5842bedfd-11.exe

Sense

Porter Studio Plus

This adware is a web browser extension that injects advertising into the browser as unwanted banners and text links, which may lead to malware sites and install unwanted software. The application 80e8d410-b2f7-435c-82bd-72d5842bedfd-11.exe by Porter Studio Plus has been detected as adware by 25 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler, triggered to execute each time a user logs in. This file is typically installed with the program Sense by Object Browser, which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension platform. While the file uses the Crossrider framework and delivery services, it is not owned by Crossrider. It is distributed as part of the Brightcircle group of browser extensions.
Publisher:
Object Browser (signed by Porter Studio Plus)

Product:
Sense

Description:
Sense exe

Version:
1000.1000.1000.1000

MD5:
182e76a4eba70e0ade53147de0da5578

SHA-1:
6f807fa6bf25866d133c31833a8aa5b915135f27

SHA-256:
b8e0b43dd95054254bc95b04b0af3b5ecdfdde10852926a036fc14bd6c825f69

Scanner detections:
25 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Analysis date:
4/24/2024 8:49:39 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AhnLab V3 Security | PUP/Win32.CrossRider | 2014.10.31 |
| Avira AntiVirus | ADWARE/CrossRider.Gen7 | 7.11.182.116 |
| avast! | Win32:Crossrider-AI [PUP] | 141025-0 |
| AVG | Generic | 2015.0.3305 |
| Baidu Antivirus | PUA.Win32.CrossRider | 4.0.3.15226 |
| Clam AntiVirus | Win.Adware.Plush-60 | 0.98/21511 |
| Comodo Security | Application.Win32.Plush.GRI | 19945 |
| Dr.Web | Trojan.Crossrider.37352 | 9.0.1.05190 |
| ESET NOD32 | Win32/Toolbar.CrossRider.AX (variant) | 8.10646 |
| Fortinet FortiGate | Riskware/CrossRider | 2/26/2015 |
| F-Prot | W32/A-1a27c920 | v6.4.7.1.166 |
| G Data | Win32.Adware.Crossrider | 14.10.24 |
| IKARUS anti.virus | AdWare.Adwapper | t3scan.1.8.3.0 |
| K7 AntiVirus | Trojan | 13.191.14635 |
| Kaspersky | Trojan.NSIS.GoogUpdate | 14.0.0.2430 |
| Malwarebytes | PUP.Optional.Sense.A | v2014.10.30.08 |
| NANO AntiVirus | Trojan.Win32.Crossrider.dhzbam | 0.30.0.64448 |
| nProtect | Trojan/W32.Agent.1985456 | 15.01.14.01 |
| Panda Antivirus | Trj/Genetic.gen | 15.02.26.12 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | PUP.Crossrider.Task.h | 14.11.3.21 |
| Rising Antivirus | PE:Trojan.Win32.Generic.17B2BC7E!397589630 | 23.00.65.15224 |
| Sophos | AppRider | 4.98 |
| VIPRE Antivirus | Threat.4789396 | 34232 |
| Zillya! Antivirus | Trojan.GoogUpdate.Win32.4177 | 2.0.0.2034 |

File size:
1.9 MB (1,985,440 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Sense.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\sense\80e8d410-b2f7-435c-82bd-72d5842bedfd-11.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/20/2014 3:00:00 AM

Valid to:
10/21/2015 2:59:59 AM

Subject:
CN=Porter Studio Plus, O=Porter Studio Plus, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B7BA41CFBA8D50AF9A2A64362C08FA91

File PE Metadata
Compilation timestamp:
10/29/2014 10:37:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:yQwvC9eHHS3dJ/HHcKCPWdpSPgT5Z1V1Dzl:d9+S3d5ncKCPp4

Entry address:
0xF0EC1

Entry point:
E8, D5, FF, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 78, 09, E8, 08, 01, 01, 00, 3B, 30, 7C, 07, E8, FF, 00, 01, 00, 8B, 30, E8, F2, 00, 01, 00, 8B, 04, B0, 5E, 5D, C3, 55, 8B, EC, 56, E8, F3, 5E, 00, 00, 8B, F0, 85, F6, 75, 07, B8, 20, 54, 55, 00, EB, 26, 53, 57, 33, FF, BB, 86, 00, 00, 00, 39, 7E, 24, 75, 1B, 6A, 01, 53, E8, 0D, 31, 00, 00, 59, 59, 89, 46, 24, 85, C0, 75, 0A, B8, 20, 54, 55, 00, 5F, 5B, 5E, 5D, C3, FF, 75, 08, 8B, 76, 24, E8, 90, FF, FF, FF, 50, 53, 56, E8, 6C, ED...
 

Code size:
1.1 MB (1,150,464 bytes)

Scheduled Task
Task name:
80e8d410-b2f7-435c-82bd-72d5842bedfd-11

Trigger:
Logon (Runs on logon)


The file 80e8d410-b2f7-435c-82bd-72d5842bedfd-11.exe has been discovered within the following program.

Sense by Object Browser
Sense is a potentially unwanted web browser extension that will attempt to modify the user's home and search page settings as well as display advertisements in the browser. The software will attach to IE, Chrome and Firefox.
85% remove it
 
Powered by Should I Remove It?
