ae98.exe

Alexey Kurilenko

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed without consent. The application ae98.exe by Alexey Kurilenko has been detected as adware by 25 anti-malware scanners. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is also typically executed from the user's temporary directory.
Publisher:
Alexey Kurilenko  (signed and verified)

MD5:
66bcb32c446dea4a55bde62be605615b

SHA-1:
0650ea69ae99e62c4cdd507c1badd911a2a3d952

SHA-256:
7d0a37365efaaaae2ea5549b6ad151b8b95e81ac5433fdbde2517911a18bca1e

Scanner detections:
25 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/24/2024 2:31:04 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Adware.MPlug.29 | 731 |
| AhnLab V3 Security | PUP/Win32.MultiPlug | 2015.01.29 |
| Avira AntiVirus | Adware/MultiPlug.aob | 7.11.205.178 |
| avast! | Win32:MultiPlug-OZ [PUP] | 150101-1 |
| AVG | Generic6 | 2016.0.3215 |
| Bitdefender | Gen:Variant.Adware.MPlug.29 | 1.0.20.170 |
| Bkav FE | HW32.Packed | 1.3.0.6379 |
| Comodo Security | Application.Win32.AdWare.MultiPlug.VA | 20878 |
| Dr.Web | Trojan.Crossrider.36840 | 9.0.1.034 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.MPlug.29 | 8.15.02.03.11 |
| ESET NOD32 | Win32/Adware.MultiPlug.ED application | 7.0.302.0 |
| F-Prot | W32/S-d7ee384e | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Adware.MPlug.29 | 11.2015-03-02_3 |
| G Data | Gen:Variant.Adware.MPlug.29 | 15.2.25 |
| IKARUS anti.virus | AdWare.MultiPlug | t3scan.1.8.6.0 |
| K7 AntiVirus | Unwanted-Program | 13.193.14786 |
| Kaspersky | not-a-virus:AdWare.Win32.MultiPlug | 15.0.0.543 |
| McAfee | Program.MultiPlug-FUV | 16.8.708.2 |
| MicroWorld eScan | Gen:Variant.Adware.MPlug.29 | 16.0.0.102 |
| NANO AntiVirus | Riskware.Win32.MultiPlug.dmwsoc | 0.30.0.65070 |
| Panda Antivirus | PUP/TSUploader | 15.01.28.01 |
| Reason Heuristics | PUP.WebPick | 15.1.28.13 |
| Sophos | PUA 'MultiPlug' (of type Adware) | 5.09 |
| Vba32 AntiVirus | suspected of Heur.Malware-Cryptor.Multiplug | 3.12.26.3 |
| VIPRE Antivirus | Threat.4786450 | 36694 |

File size:
1.3 MB (1,379,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\ae98.exe

Digital Signature
Authority:
Unizeto Technologies S.A.

Valid from:
6/17/2014 3:20:17 PM

Valid to:
6/17/2015 3:20:17 PM

Subject:
E=Alexey.kurilenko@hotmail.com, CN=Alexey Kurilenko, O=Alexey Kurilenko, C=RU

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
15D51642691B3EE20985639A8FE865DD

File PE Metadata
Compilation timestamp:
10/27/2013 10:38:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:fKbuU6Er8no7IeEMkVKWz4DgzQi4N9i77i4ZdPQjUde9PF6b/n5:fKyU6Er7Ioohz4DeDkoSUeVMbB

Entry address:
0x1E56C

Entry point:
E8, 1B, 39, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 30, 15, 46, 00, E8, 4E, 11, 00, 00, E8, E8, 3A, 00, 00, 0F, B7, F0, 6A, 02, E8, AE, 38, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, C2, 09, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Code size:
365.5 KB (374,272 bytes)
