arcadejet.c455033f097f4ade860c68454e07c754.exe

Arcade Jet

IAC Search and Media

This installer is part of the Ask.com (APN) network. It installs the Ask.com-branded toolbar or browser extension, which takes control of the web browser's search functions. The application arcadejet.c455033f097f4ade860c68454e07c754.exe by IAC Search and Media has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the APN Stub installer. While running, it connects to the Internet address 74.113.233.180.df.iaccap.com on port 443.

Publisher:
APN, LLC.  (signed by IAC Search and Media)

Product:
Arcade Jet

Description:
Arcade Jet Setup

Version:
2.7.1.1000

MD5:
fa5571e0fa96e439753b50c64ffa1ced

SHA-1:
079a1384cebbc133023080a355153f5bada8a65a

SHA-256:
88b76948357b97b42b5a7cbdbb641d3a12939d04a5a3cf6efdcb83164bc9cd89

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/29/2024 12:26:27 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Ask (M)

Engine version:
17.2.9.2

File size:
364 KB (372,696 bytes)

Product version:
2.7.1.1000

Copyright:
©2016 APN, LLC

Trademarks:
©2016 APN, LLC

File type:
Executable application (Win32 EXE)

Installer:
APN Stub

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\arcadejet.c455033f097f4ade860c68454e07c754.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
9/21/2015 7:00:00 PM

Valid to:
11/16/2018 5:59:59 PM

Subject:
CN=IAC Search and Media, O=IAC Search and Media, L=Oakland, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
555361B990788EAF1F345E34ECA97A08

File PE Metadata
Compilation timestamp:
12/24/2013 11:01:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x3229

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 08, A3, 58, 4F, 43, 00, E8, 9F, 2E, 00, 00, A3, A4, 4E, 43, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, B8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, A0, 3E, 43, 00, E8, 0A, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, F8, 2A, 00, 00...
 
Entropy:
7.9246

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):
Connects to 74.113.233.180.df.iaccap.com  (74.113.233.180:443)