allkeys925.exe

iDatix Corporation

The application allkeys925.exe by iDatix has been detected as a potentially unwanted program by 19 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from gameconvert.net.
Publisher:
iDatix Corporation  (signed and verified)

MD5:
62e63d4eb6579d88284abb3c638db435

SHA-1:
8d4e4def1b64359c335ccef03078882908a813a1

SHA-256:
3ecdd7a5d0898ce51c4f5cd93ced5434e88828554a9fa849ea7c6481ae1946f3

Scanner detections:
19 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 2:59:15 AM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Adware.Graftor.145511 | 896
Agnitum Outpost | PUA.Toolbar | 7.1.1
Avira AntiVirus | ADWARE/Adware.Gen | 7.11.166.16
avast! | Win32:Adware-gen [Adw] | 2014.9-140604
AVG | Could be an adware AdLoad | 2015.0.3453
Bitdefender | Gen:Variant.Adware.Graftor.145511 | 1.0.20.1170
Comodo Security | ApplicUnwnt.Win32.Hoax.ArchSMS.GJA | 19121
Dr.Web | Adware.Downware.1666 | 9.0.1.0155
Emsisoft Anti-Malware | Gen:Variant.Adware.Graftor.145511 | 8.14.08.22.05
ESET NOD32 | Win32/AdWare.Toolbar.Webalta.GH application | 8.7.0.302.0
F-Secure | Gen:Variant.Adware.Graftor.145511 | 11.2014-22-08_6
G Data | Gen:Variant.Adware.Graftor.145511 | 14.8.24
IKARUS anti.virus | AdWare.Adload | t3scan.1.6.1.0
K7 AntiVirus | Adware | 13.183.12981
MicroWorld eScan | Gen:Variant.Adware.Graftor.145511 | 15.0.0.702
Reason Heuristics | PUP.iDatixCorporation.K | 14.8.12.15
Sophos | WebAlta Toolbar | 4.98
Vba32 AntiVirus | Downware.iDatix.gen | 3.12.26.3
VIPRE Antivirus | Threat.4150696 | 31208

File size:
1 MB (1,096,616 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/10/2012 4:00:00 AM

Valid to:
10/2/2015 3:59:59 AM

Subject:
CN=iDatix Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=iDatix Corporation, L=Clearwater, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6A2BECD74BF6AAF73D2D909F5C4A93CD

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:1v/J7tLa7heMvvb/+/WcCO+VhlSw1+bDh0h5ETgBdyx9:1fLAYMr2/WcjUZ9cx9

Entry address:
0x78A4C

Entry point:
55, 8B, EC, 83, C4, F0, B8, 14, 88, 47, 00, E8, 10, DE, F8, FF, A1, 30, AA, 47, 00, 8B, 00, E8, 64, 0F, FE, FF, 8B, 0D, 20, A8, 47, 00, A1, 30, AA, 47, 00, 8B, 00, 8B, 15, 88, 4C, 47, 00, E8, 64, 0F, FE, FF, 8B, 0D, F8, A7, 47, 00, A1, 30, AA, 47, 00, 8B, 00, 8B, 15, 08, 4A, 47, 00, E8, 4C, 0F, FE, FF, 8B, 0D, E8, A9, 47, 00, A1, 30, AA, 47, 00, 8B, 00, 8B, 15, 50, 86, 47, 00, E8, 34, 0F, FE, FF, A1, 30, AA, 47, 00, 8B, 00, E8, A8, 0F, FE, FF, E8, 9B, B8, F8, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
479 KB (490,496 bytes)

The file allkeys925.exe has been seen being distributed by the following URL.
