» aceleradorb_setup.exe
Overview
Analysis
File Details

aceleradorb_setup.exe

BR SOFTWARE LLC

The application aceleradorb_setup.exe, “Acelerador de Downloads Setup ” by BR SOFTWARE has been detected as adware by 11 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This will display context specific advertisements in the browser as well as attempt to modify the browser's search provider. It is also typically executed from the user's temporary directory.

File name:

Publisher:

Acelerador de Downloads (signed by BR SOFTWARE LLC)

Product:

Acelerador de Downloads

Description:

Acelerador de Downloads Setup

MD5:

293059ade89e22592d28277218301b9e

SHA-1:

1547ab34c8b0a39ac6b5cf4553aeb7b41bee773a

SHA-256:

b1e1b6b5c07917d36c75ad3a545d1efa9d81416e6137a270ac7b992e7612cb46

Scanner detections:

11 / 68

Status:

Adware

Explanation:

The installer may include an offer for the Babylon Toolbar (a homepage/search hijacker), which is potentially installed with minimal user consent.

Analysis date:

4/26/2024 9:57:09 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

ADWARE/Adware.Gen2

7.11.63.170

avast!

MSIL:Downloader-IO [PUP]

2014.9-160201

AVG

AdInstaller.G

2017.0.2846

Dr.Web

Adware.Shopper.328

9.0.1.032

Emsisoft Anti-Malware

Riskware.Win32.Toolbar.Babylon.AMN

8.16.02.01.10

ESET NOD32

Win32/Toolbar.Babylon (variant)

10.8078

IKARUS anti.virus

AdWare.Win32.DealPly

t3scan.2.0.0.0

Malwarebytes

Adware.Bundler

v2016.02.01.10

Microsoft Security Essentials

Adware:Win32/DealPly

1.163.1557.0

NANO AntiVirus

Trojan.Win32.Delf.bshik

0.22.8.50837

Reason Heuristics

PUP.BR Software.BRSOFTWARE.Installer (M)

16.2.1.22

File size:

2 MB (2,135,328 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\aceleradorb_setup.exe

Digital Signature

Signed by:

BR SOFTWARE LLC

Authority:

Starfield Technologies, Inc.

Valid from:

4/17/2012 7:18:35 PM

Valid to:

4/17/2013 4:03:06 PM

Subject:

CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, L=Lewes, S=DE, C=US

Issuer:

SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

4B201CE7EB9204

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:6anBHN3CnRPrTqDGcYjlExV/DBMrpUa+kgl7r6Un:zBt3CntWXElKBypr+Z7r/

Entry address:

0x9C40

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

37 KB (37,888 bytes)

Remove aceleradorb_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.