home

adlsoft_uncompressor_1.exe

ADLSoft

The application adlsoft_uncompressor_1.exe by ADLSoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from s3.amazonaws.com.
Publisher:
ADLSoft  (signed and verified)

MD5:
0803653ff797c6bcb85165a181635511

SHA-1:
81fbee3fed7d009364311eb94879e66f90426f9a

SHA-256:
436343d942cfd187529d1d91b7115c67ffc4244cac2a2df7457d2ff2abe59cbe

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download and install manager which may bundle various potentially unwanted software offers during setup.

Analysis date:
4/24/2024 6:26:12 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.installCore.ADLSoft (M)
16.6.7.18

File size:
1 MB (1,093,640 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\adlsoft_uncompressor_1.exe

Digital Signature
Signed by:
ADLSoft

Authority:
Thawte, Inc.

Valid from:
8/22/2011 2:00:00 AM

Valid to:
7/26/2012 1:59:59 AM

Subject:
CN=ADLSoft, O=ADLSoft, L=Tel Aviv, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
522DE3F48188350D9BEBAD2434E15998

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:3N88MUnwQnabfVuhLk0MFVhmioP5sCwRThRkap5Doatn:3eboLHMrmijHTnkaXDo2

Entry address:
0xC1744

Entry point:
55, 8B, EC, 83, C4, F0, B8, AA, 19, 45, 00, E8, 06, F7, FF, FF, A5, CB, F5, B7, CB, 6A, 21, 69, A3, 56, 5F, 2B, 17, 94, AD, 4C, 1C, C0, 16, 8A, 17, 0C, 3C, 67, B8, 5B, BB, 54, F8, 3E, 9E, 77, 41, A0, 90, 2C, F5, 6D, AE, 6E, DE, 82, 08, D2, 25, AD, 2E, D1, F0, 92, 74, 69, CF, AF, B5, 6C, 6F, ED, BC, 07, 61, 58, B2, 44, E0, 01, 23, 9E, E1, 28, 7A, EE, D9, 1A, 1D, 37, 01, 79, 66, 2B, 12, C9, 3B, 6B, B1, 86, 04, CF, 0C, 13, 23, 45, 56, 45, 56, 0A, 40, 6E, 8F, 5F, 7A, 0D, 24, E7, E7, 9B, 71, 5B, 20, 16, 56, 3A...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
786.5 KB (805,376 bytes)

The file adlsoft_uncompressor_1.exe has been seen being distributed by the following URL.

http://s3.amazonaws.com/Adlsoft/.../ADLSoft_UnCompressor_1.exe

Remove adlsoft_uncompressor_1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.