b8a42eb8db550680c485af9fe6650c51ed0c71fd2a05be68096f6472a595034a.exe

Rational Thought Solutions

This is part of an adware program designed to inject advertising (banners, text links) into the web browser, modify the browser's normal behavior, and change the system settings that control which applications run on startup. It is part of the Injekt brand of unwanted programs. The application b8a42eb8db550680c485af9fe6650c51ed0c71fd2a05be68096f6472a595034a.exe by Rational Thought Solutions has been detected as adware by 11 anti-malware scanners. This file is typically installed with the program Health Alert by Rational Thought Solutions LLC, which is a potentially unwanted software program.
Publisher:
Rational Thought Solutions  (signed and verified)

MD5:
f9fc252216aec54bd8205d310540a1f3

SHA-1:
93ef32dadcc162d2abf8831e8bd3ddf4ba1301bd

SHA-256:
b8a42eb8db550680c485af9fe6650c51ed0c71fd2a05be68096f6472a595034a

Scanner detections:
11 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser and alters the browser's settings (home page, search, DNS, and security protocols).

Analysis date:
5/8/2024 2:54:51 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AVG | Generic | 2016.0.3091 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Dr.Web | Adware.Yontoo.68 | 9.0.1.0153 |
| K7 AntiVirus | Riskware | 13.204.15982 |
| Malwarebytes | PUP.Optional.PullUpdate.A | v2015.06.02.08 |
| Panda Antivirus | PUP/PullUpdate | 15.06.02.08 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015 |
| Quick Heal | PUA.MSJDGBTIR.OD6 | 6.15.14.00 |
| Reason Heuristics | PUP.Injekt.RationalThoughtSolutions | 15.6.2.8 |
| Vba32 AntiVirus | AdWare.MSIL.PullUpdate | 3.12.26.4 |
| Zillya! Antivirus | Adware.SaMon.Win32.108 | 2.0.0.2186 |

File size:
524.5 KB (537,072 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
Symantec Corporation

Valid from:
1/24/2015 1:00:00 AM

Valid to:
4/25/2016 1:59:59 AM

Subject:
CN=Rational Thought Solutions, O=Rational Thought Solutions, L=St. James, S=St. James, C=BB

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
00B81C1C4DB6AD87B9B581116F115E4C

File PE Metadata
Compilation timestamp:
4/30/2015 3:41:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:6gllhn3OW5rFbCatGM8q0tCH3BggR5ADkFxfxrGroX2:6eX5RhsCH3B3ADuxCroX2

Entry address:
0x429CF

Entry point:
E8, F0, D4, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, EC, 84, 47, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 60, 60, 47, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, EC, 84, 47, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00...

Entropy:
6.3263

Code size:
390.5 KB (399,872 bytes)

The file b8a42eb8db550680c485af9fe6650c51ed0c71fd2a05be68096f6472a595034a.exe has been discovered within the following program.

Health Alert  by Rational Thought Solutions LLC
Health Alert from Injekt is a web browser extension that displays advertising in the user's web browser and may bundle additional software during installation, including search toolbars.
89% remove it
 
Powered by Should I Remove It?