home

ask_com_toolbar.exe

Sambamedia SL

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application ask_com_toolbar.exe by Sambamedia SL has been detected as adware by 27 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer.
Publisher:
Sambamedia SL  (signed and verified)

MD5:
811edf542e663219403805032838904c

SHA-1:
157da84c1fe372bbbff7ccbb8458e92efa9af506

SHA-256:
8ec2b68f7a5fbc536df4144a476eb8516899bd15e275866242fe517216603e23

Scanner detections:
27 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/25/2024 9:45:03 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Zusy.102357
6330886

Agnitum Outpost
Riskware.Agent
7.1.1

AhnLab V3 Security
Adware/Win32.Agent
2015.01.10

Avira AntiVirus
TR/Dropper.Gen
7.11.200.114

avast!
Win32:SoftPulse-AH [PUP]
150102-1

AVG
Win32/DH{gRJ+UIEHeVRPFVGBFYEJHFOBE0GBDw}
2016.0.3234

Bitdefender
Gen:Variant.Adware.Zusy.102357
1.0.20.45

Clam AntiVirus
Win.Adware.MultiPlug-31138
0.98/21511

Dr.Web
Adware.SoftPules.3, Adware.Downware.5878
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Adware.Zusy.102357
9.0.0.4799

ESET NOD32
Win32/SoftPulse.J potentially unwanted application
7.0.302.0

F-Prot
W32/A-ce871737
v6.4.7.1.166

F-Secure
Gen:Variant.Adware.Zusy.102357
5.13.68

G Data
Gen:Variant.Adware.Zusy.102357
15.1.24

IKARUS anti.virus
Trojan.Dropper
t3scan.1.8.6.0

K7 AntiVirus
Unwanted-Program
13.190.14599

McAfee
Program.SoftPulse
16.8.708.2

MicroWorld eScan
Gen:Variant.Adware.Zusy.102357
16.0.0.27

NANO AntiVirus
Trojan.Win32.Buzus.ddkefn
0.30.0.64448

Norman
Gen:Variant.Adware.Zusy.102357
02.01.2015 13:58:24

Panda Antivirus
Trj/Genetic.gen
15.01.09.05

Quick Heal
Trojan.Buzus.A4
1.15.14.00

Reason Heuristics
PUP.SambamediaSL.P
15.1.9.17

Sophos
PUA 'SoftPulse' (of type Adware)
5.09

Vba32 AntiVirus
Trojan.Buzus
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
36512

Zillya! Antivirus
Trojan.Buzus.Win32.121291
2.0.0.2031

File size:
1.3 MB (1,337,336 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softpulse SoftwareBundler

Common path:
C:\users\{user}\downloads\ask_com_toolbar.exe

Digital Signature
Signed by:
Sambamedia SL

Authority:
GlobalSign nv-sa

Valid from:
4/28/2014 8:13:17 AM

Valid to:
4/29/2015 8:13:17 AM

Subject:
E=contact@sambamediasl.com, CN=Sambamedia SL, O=Sambamedia SL, L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121A6F5CA8560763435DF885221AE3B200F

File PE Metadata
Compilation timestamp:
8/3/2014 11:50:13 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:w+DmvwPv0Mm4qu/5858PizfhUEza8Fgys7rW31JTPeTv0MSXwczvoEC0fCAl:vmvwPv0n4quRnwW8yNKnDXZvQY

Entry address:
0x5CB0

Entry point:
E8, 0F, 20, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 45, 0C, 83, EC, 20, 56, 57, 6A, 08, 59, BE, 10, 20, 41, 00, 8D, 7D, E0, F3, A5, 8B, 4D, 08, 5F, 5E, 85, C0, 74, 0D, F6, 00, 10, 74, 08, 8B, 01, 8B, 40, FC, 8B, 40, 18, 89, 4D, F8, 89, 45, FC, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, AC, 10, 41, 00, C9, C2, 08, 00, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 8B, 4D, EC, 33, CD, E8, 37...
 
[+]

Entropy:
7.6648

Code size:
61.5 KB (62,976 bytes)

Remove ask_com_toolbar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.