» ar speed reading1.3.2.exe
Overview
Analysis
File Details

ar speed reading1.3.2.exe

premium

New IT Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application ar speed reading1.3.2.exe by New IT Limited has been detected as adware by 24 anti-malware scanners.

File name:

Publisher:

C (signed by New IT Limited)

Product:

premium

Description:

DWD

Version:

3, 3, 9, 0

MD5:

77f71d17037e41db75e775bddc6c09f7

SHA-1:

f039982ebe8eb8b569317825f1d456ca034c9a8f

SHA-256:

1d1ccc1fd056843587d46eabdee8c172d3ab64bf9bbbf0cc5ff2b4c24445ee74

Scanner detections:

24 / 68

Status:

Adware

Analysis date:

4/18/2024 4:50:52 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.152700

838

AegisLab AV Signature

Troj.W32.Badur

2.1.4+

Agnitum Outpost

PUA.4Shared

7.1.1

Avira AntiVirus

APPL/Downloader.Gen

7.11.179.162

avast!

Win32:FourShared-D [PUP]

141003-0

AVG

Adware BundleApp.CJ

2014.0.4040

Bitdefender

Gen:Variant.Graftor.152700

1.0.20.1460

Clam AntiVirus

Win.Adware.Strictor-18

0.98/21411

Dr.Web

Adware.Downware.2538, Adware.Downware.2460

9.0.1.05190

Emsisoft Anti-Malware

Gen:Variant.Graftor.152700

14.10.19

ESET NOD32

Win32/4Shared.Q potentially unwanted application

7.0.302.0

F-Prot

W32/A-e976c249

v6.4.7.1.166

F-Secure

Gen:Variant.Graftor.152700

11.2014-19-10_1

G Data

Gen:Variant.Graftor.152700

14.10.24

IKARUS anti.virus

PUA.4Shared.Q

t3scan.1.7.8.0

K7 AntiVirus

Unwanted-Program

13.184.13727

Kaspersky

not-a-virus:Downloader.Win32.GetFaster

15.0.0.494

McAfee

PUP-FNX

5600.6972

MicroWorld eScan

Gen:Variant.Graftor.152700

15.0.0.876

NANO AntiVirus

Riskware.Win32.Downware.cwtswn

0.28.2.62671

Reason Heuristics

PUP.NewITLimited.T

14.10.19.16

Sophos

4Share Downloader

4.98

Vba32 AntiVirus

Downloader.GetFaster

3.12.26.3

VIPRE Antivirus

Threat.4150696

33706

File size:

609.4 KB (623,992 bytes)

Product version:

3, 3, 9, 0

2014

Trademarks:

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\ar speed reading1.3.2.exe

Digital Signature

Signed by:

New IT Limited

Authority:

GoDaddy.com, Inc.

Valid from:

12/30/2013 10:33:53 AM

Valid to:

12/30/2016 10:33:53 AM

Subject:

CN=New IT Limited, O=New IT Limited, L=Nicosia, S=Nicosia, C=CY

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

04225A281DFF69

File PE Metadata

Compilation timestamp:

3/21/2014 3:59:48 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:MJJit5xRhMPR0qu4eXHUHBvct7K0t9nfBuG:MmaR0qu4eEBvwmQ97

Entry address:

0x5B4A2

Entry point:

E8, 12, BF, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C... 
[+]

Entropy:

6.3788

Code size:

464.5 KB (475,648 bytes)

Remove ar speed reading1.3.2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.