» c4f70.exe
Overview
Analysis
File Details

c4f70.exe

The application c4f70.exe has been detected as a potentially unwanted program by 22 anti-malware scanners. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

c4f70.exe

MD5:

0a3b73cf2a9d36bd10786c64db04aa76

SHA-1:

b1ab1469edf79fdb68ab11fe76f5781dcda7dceb

SHA-256:

cec148d4b09b139023947bf7acf869fb9c34d9d6774f76ff67c566413450433c

Scanner detections:

22 / 68

Status:

Potentially unwanted

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/19/2024 7:51:37 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Adware.CrossRider.DP

5737402

Avira AntiVirus

TR/ATRAPS.Gen4

8.3.2.2

Arcabit

Adware.CrossRider.DP

1.0.0.568

avast!

Win32:Adware-CTG [PUP]

151004-0

AVG

Win32/DH{TjZX?}

2016.0.2966

Bitdefender

Adware.CrossRider.DP

1.0.20.1385

Emsisoft Anti-Malware

Adware.CrossRider.DP

10.0.0.5366

ESET NOD32

Win32/Toolbar.CrossRider.BX potentially unwanted application

7.0.302.0

F-Secure

Adware.CrossRider.DP

5.14.151

G Data

Adware.CrossRider.DP

15.10.25

Kaspersky

not-a-virus:HEUR:AdWare.Win32.CrossRider

15.0.0.543

Malwarebytes

PUP.Optional.CrossRider

v2015.10.04.10

MicroWorld eScan

Adware.CrossRider.DP

16.0.0.831

Norman

Adware.CrossRider.DP

03.12.2014 13:20:04

nProtect

Adware.CrossRider.DP

15.10.02.01

Panda Antivirus

Trj/Genetic.gen

15.10.04.10

Qihoo 360 Security

Win32/Trojan.2c0

1.0.0.1015

Quick Heal

PUA.Adwapper.02118

10.15.14.00

Rising Antivirus

PE:Malware.RDM.00!5.6[F1]

23.00.65.151002

Sophos

Generic PUA LB (PUA)

4.98

SUPERAntiSpyware

Adware.Crossrider/Variant

9589

VIPRE Antivirus

Threat.4657539

43798

File size:

199.5 KB (204,288 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\windows\syswow64\c4f70.exe

File PE Metadata

Compilation timestamp:

10/3/2015 11:09:28 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:q2DMkTpF7cqE/KmLLdJf3VssL+UYWEq6vs1C8/ehoraNUX6TzLGYf:cup1cNiwn6sLw7vs1C8/ehoraNUXizq

Entry address:

0x11894

Entry point:

E8, CD, 69, 00, 00, E9, 7F, FE, FF, FF, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 54, 16, 33, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 58, 01, 33, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 54, 16, 33, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00, 0F, 85, B8, 01, 00, 00, F7, C6, 03, 00... 
[+]

Entropy:

6.5071

Code size:

146.5 KB (150,016 bytes)

Remove c4f70.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.