992ed22e-1119-46b7-9a87-99d7f89a3cd1.exe

Torpedo

Micro Yellow Lab

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application 992ed22e-1119-46b7-9a87-99d7f89a3cd1.exe by Micro Yellow Lab has been detected as adware by 2 anti-malware scanners. This file is typically installed with the program Browsers+_App+_Pro+ by Pani Poni Network which is a potentially unwanted software program. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
Micro Yellow Lab  (signed and verified)

Product:
Torpedo

Version:
1.0.0.0

MD5:
01fd58dddf0edffdf29f98626e091b2e

SHA-1:
af75250e0dd4e9a1c622333c89f02912d6da6e1b

SHA-256:
cbaad319f668a3628cf25b062da5c5e35827a94115e3eda7051aefe091b42960

Scanner detections:
2 / 68

Status:
Adware

Explanation:
May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage).

Analysis date:
4/26/2024 8:34:04 PM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | ADWARE/CrossRider.Gen2 | 7.11.176.28
ESET NOD32 | Win32/Toolbar.CrossRider.AS (variant) | 8.10499

File size:
31.9 KB (32,672 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
TorpedoCh.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\browsers+_app+_pro+\992ed22e-1119-46b7-9a87-99d7f89a3cd1.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
8/28/2014 1:00:00 AM

Valid to:
8/29/2015 12:59:59 AM

Subject:
CN=Micro Yellow Lab, O=Micro Yellow Lab, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009AFA5E0D9A7B3EBDF9FADE2F928085CE

File PE Metadata
Compilation timestamp:
10/1/2014 8:40:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:xoaRHFxTS9acVNVdlA959Nepe2nXieCZnF:1HX+fdlXc2nnCZnF

Entry address:
0x821E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
5.4119

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
25 KB (25,600 bytes)

The file 992ed22e-1119-46b7-9a87-99d7f89a3cd1.exe has been discovered within the following program.

Browsers+_App+_Pro+  by Pani Poni Network
browsers+ is a potentially unwanted adware program that injects ads into the user's browser. This includes inserting into web pages, or displaying over parts of existing web pages, advertisements, banners, coupons or text links that would not otherwise appear.
86% remove it