home

ASBarBroker.EXE

地址栏

Beijing Shi Yue Network Technology Co., Ltd.

Publisher:
Address  (signed by Beijing Shi Yue Network Technology Co., Ltd. )

Product:
地址栏

Description:
地址栏辅助应用程序。

Version:
1, 0, 0, 4

MD5:
2dc15f3545ecb6954f386acfc46987ba

SHA-1:
5ceceae5f3c54b89962af085a3b26b11306f2dc8

SHA-256:
ae8bf71faa630336a81be759632f0d403ed3c8f7776dd3f6dfd1ec46c1fb2e2c

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 9:02:31 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.Agent
7.1.1

Dr.Web
Trojan.Siggen4.45560
9.0.1.08

NANO AntiVirus
Trojan.Win32.Siggen4.dfohkp
0.30.0.64812

File size:
129.8 KB (132,952 bytes)

Product version:
1, 0, 0, 4

Copyright:
Copyright 2010

Original file name:
ASBarBroker.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\adress\{8cc3b9d4-678d-1c95-e8ef-e635b2b1948f}\asbarbroker.exe

Digital Signature
Signed by:
Beijing Shi Yue Network Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
3/23/2010 8:00:00 AM

Valid to:
5/22/2013 7:59:59 AM

Subject:
CN="Beijing Shi Yue Network Technology Co., Ltd. ", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Beijing Shi Yue Network Technology Co., Ltd. ", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3E1C9D61CE8EBA98AF58FD3470D7F978

File PE Metadata
Compilation timestamp:
3/4/2013 10:54:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
1536:52wewad67e/VhKVSvBCHHMbdhxK5kqjHS8+od9t7tGbTn+/Z7nzrNPTJdShECa:Rvad66zqsbPxKQZod9t7tGbTsJz9mhi

Entry address:
0x89F1

Entry point:
E8, 1C, 56, 00, 00, E9, 17, FE, FF, FF, 56, 57, 33, F6, BF, 40, 86, 41, 00, 83, 3C, F5, 5C, 75, 41, 00, 01, 75, 1E, 8D, 04, F5, 58, 75, 41, 00, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, E8, 9A, 56, 00, 00, 85, C0, 59, 59, 74, 0C, 46, 83, FE, 24, 7C, D2, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, 58, 75, 41, 00, 00, 33, C0, EB, F1, 53, 8B, 1D, E4, 20, 41, 00, 56, BE, 58, 75, 41, 00, 57, 8B, 3E, 85, FF, 74, 13, 83, 7E, 04, 01, 74, 0D, 57, FF, D3, 57, E8, 9D, E3, FF, FF, 83, 26, 00, 59, 83, C6, 08, 81, FE, 78...
 
[+]

Entropy:
6.1983

Code size:
68 KB (69,632 bytes)

The file ASBarBroker.EXE has been discovered within the following program.

adress
This is a web browser extension and Browser helper Object (for Internet Explorer) that delivers contextual based advertising to the web browser. In addition it will modify the user's browser home and search pages as well as 'New Tab' pages to push advertising and search.
79% remove it
 
Powered by Should I Remove It?

Scan ASBarBroker.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.