home

BroadbandUsageMeter.exe

Broadband Usage Meter

rackeys

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Rackeys Broadband Usage Meter’. The file has been seen being downloaded from www.winsite.com and multiple other hosts.
Publisher:
rackeys

Product:
Broadband Usage Meter

Description:
Broadband Usage Meter is a live desktop application for counting internet usage.

Version:
4.0.0.0

MD5:
6d512cb8fe72c8197006eba775cad619

SHA-1:
96a9d1c91019675a3d7458fb87dc0ec5b9a35a91

SHA-256:
38e9c4efde5bbf105c65081c7f5fd32f0b04d3b94521187de5f9c008370256f0

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/24/2024 2:38:52 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
Downloader/Win32.Totoran
2013.12.18

File size:
666 KB (681,984 bytes)

Product version:
Windows XP, Windows Vista, Windows 7

Copyright:
Rackeys

Trademarks:
Rackeys

Original file name:
BroadbandUsageMeter.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\Program Files\broadbandusagemeter.exe

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:LwFuh48qG3KuuKB+/NGKH8jZyqAID5HhgAaAxpqlLhA7fg/:Lw0WPub+VzH8AqdDlhgAaAxpkLaDg/

Entry address:
0x82F84

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, EC, 2C, 48, 00, E8, BB, 35, F8, FF, 8B, 1D, 10, 56, 48, 00, 8B, 03, E8, A2, FB, FD, FF, 8B, 03, BA, 48, 30, 48, 00, E8, 8E, F7, FD, FF, 8B, 0D, E8, 55, 48, 00, 8B, 03, 8B, 15, 4C, FD, 47, 00, E8, 9B, FB, FD, FF, 8B, 0D, C0, 53, 48, 00, 8B, 03, 8B, 15, E4, 41, 46, 00, E8, 88, FB, FD, FF, 8B, 0D, 04, 56, 48, 00, 8B, 03, 8B, 15, D4, 49, 46, 00, E8, 75, FB, FD, FF, 8B, 0D, 44, 54, 48, 00, 8B, 03, 8B, 15, 88, 44, 46, 00, E8, 62, FB, FD, FF, 8B, 0D, F0, 54, 48, 00, 8B, 03, 8B, 15...
 
[+]

Entropy:
6.6201

Developed / compiled with:
Microsoft Visual C++

Code size:
520.5 KB (532,992 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Rackeys Broadband Usage Meter

Command:
C:\users\{user}\downloads\broadbandusagemeter.exe


The file BroadbandUsageMeter.exe has been seen being distributed by the following 6 URLs.

http://www.winsite.com/Internet/Misc/Broadband-Usage-Meter/.../585232

http://files.downloadnow.com/s/software/46/43/.../BroadbandUsageMeter.EXE

http://goo.gl/qYwAEL

http://software-files-a.cnet.com/s/software/46/43/.../BroadbandUsageMeter.EXE

http://download.softpedia.com/dl/7f78faa91173004cf462fa2b89baf1a9/55dc99df/100088767/software/.../BroadbandUsageMeter.exe

http://www.rackeys.com/Downloads/.../BroadbandUsageMeter.EXE

Scan BroadbandUsageMeter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.