aceftp3free.exe

Visicom Media Inc.

This file is part of the Visicom VMN web browser toolbar and extension, which modifies the browser's default search provider, DNS, and home page functions. The application aceftp3free.exe by Visicom Media has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.

Publisher:
Visicom Media Inc.  (signed and verified)

MD5:
9adf42729042fd8fd9b8d1c11cbcd81f

SHA-1:
e3287072d2c0055860a3f30128d57ea3426c160a

SHA-256:
5b4730a8fd4c4ceda84bb25c60a4fcefb87241a296ab21ff952b1c3b31f17d5e

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/24/2024 10:45:17 PM UTC

Scan engine | Detection | Engine version
Clam AntiVirus | PUA.HTML.Infected.WebPage-2 | 0.98/17211
Reason Heuristics | PUP.VisicomMedia.L | 14.11.6.23

File size:
7.6 MB (7,927,552 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\aceftp3free.exe

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/20/2007 12:00:00 PM

Valid to:
6/23/2008 11:59:59 AM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
53647B50983ED1EB11C279CB398C2CA4

File PE Metadata
Compilation timestamp:
3/30/2008 11:14:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:0ONhmbAjrnIeQNcinrid1CsciNd3+OQLgDCrXwn+vu33e0:mberIeQN9JodegDW+pn/

Entry address:
0x30B4

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 58, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, 3F, 42, 00, E8, E1, 2A, 00, 00, A3, 64, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 28, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 4C, 91, 40, 00, 68, 60, 36, 42, 00, E8, 98, 27, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 86, 27, 00, 00...
 

Entropy:
7.9976

Packer / compiler:
Nullsoft install system v2.x

Code size:
22 KB (22,528 bytes)
