aceleradorb_setup.exe

BR SOFTWARE LLC

The application aceleradorb_setup.exe, “Acelerador de Downloads Setup” by BR SOFTWARE, has been detected as adware by 20 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. It will display context-specific advertisements in the browser and attempt to modify the browser's search provider. It is also typically executed from the user's temporary directory.
Publisher:
Acelerador de Downloads   (signed by BR SOFTWARE LLC)

Product:
Acelerador de Downloads

Description:
Acelerador de Downloads Setup

MD5:
7321f00dad25c824b1386aaed3750ee0

SHA-1:
ce5cedf73af3a08650e6864555b4299b37dd6870

SHA-256:
67ca6b637ecd08edb36be5f3adc0db4f3b51955dafdf77bce0437d42a78df8af

Scanner detections:
20 / 68

Status:
Adware

Explanation:
The installer may include an offer for the Babylon Toolbar (a homepage/search hijacker), which is potentially installed with minimal user consent.

Analysis date:
4/19/2024 9:49:45 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| Avira AntiVirus | ADWARE/DealPly.Gen | 7.11.215.236 |
| avast! | Win32:DealPly-A [PUP] | 2014.9-160202 |
| AVG | Toolbar | 2017.0.2846 |
| Baidu Antivirus | Adware.Win32.PCMega | 4.0.3.1622 |
| Comodo Security | ApplicUnwnt | 21366 |
| Dr.Web | Adware.Babylon.15 | 9.0.1.033 |
| ESET NOD32 | Win32/Toolbar.Babylon.A potentially unwanted (variant) | 10.11300 |
| IKARUS anti.virus | BHO.Win32.DealPly | t3scan.1.8.6.0 |
| Kaspersky | not-a-virus:HEUR:WebToolbar.Win32.DealPly | 14.0.0.724 |
| Malwarebytes | Adware.Bundler | v2016.02.02.05 |
| McAfee | Artemis!876003E3BB65 | 5600.6502 |
| NANO AntiVirus | Riskware.Win32.PCMega.didkoy | 0.30.0.296 |
| Qihoo 360 Security | HEUR/Malware.QVM06.Gen | 1.0.0.1015 |
| Quick Heal | Adware.DealPly (Not a Virus) | 2.16.12.00 |
| Reason Heuristics | PUP.BR Software.BRSOFTWARE.Installer (M) | 16.2.2.5 |
| Sophos | Conta Prime | 4.98 |
| Trend Micro House Call | ADW_COUP | 7.2.33 |
| Trend Micro | ADW_COUP | 10.465.02 |
| Vba32 AntiVirus | Signed-Adware.DealPly | 3.12.26.3 |

File size:
2.2 MB (2,303,840 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\aceleradorb_setup.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
6/8/2012 3:58:43 PM

Valid to:
6/9/2015 3:58:43 PM

Subject:
CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11212BC0BF00C9C6FB65718638885C9FC576

File PE Metadata
Compilation timestamp:
6/19/1992 7:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:SaUBHN3CnRPrTqDGcYjlExV/DBMrpUa+kgl7r6UcU8sC:7It3CntWXElKBypr+Z7r0ULC

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)
