home

ccffacebooksetup-v1.454.exe

Chit Chat For Facebook

Athena IT Limited

The application ccffacebooksetup-v1.454.exe, “Chit Chat For Facebook Setup ” by Athena IT Limited has been detected as adware by 21 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
ChitChat.org.uk   (signed by Athena IT Limited)

Product:
Chit Chat For Facebook

Description:
Chit Chat For Facebook Setup

Version:
1.454

MD5:
ea3660e82beaffd144be70df9326a67e

SHA-1:
081bcb95189ec884a50f45c1636d6f65bc38440c

SHA-256:
844f3f97719b7b798996b32650dd47a3d5e4723e0dda44828f3ea465a64ccb3e

Scanner detections:
21 / 68

Status:
Adware

Analysis date:
4/26/2024 6:43:11 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Dropped:Adware.Relevant.CA
454

Avira AntiVirus
ADSPY/NaviPromo.J
7.11.215.236

avast!
Win32:PUP-gen [PUP]
2014.9-151108

AVG
Skodna.Generic_c
2016.0.2932

Bitdefender
Dropped:Adware.Relevant.CA
1.0.20.1560

Comodo Security
UnclassifiedMalware
21366

Dr.Web
Trojan.DownLoader7.55414
9.0.1.0312

Emsisoft Anti-Malware
Dropped:Adware.Relevant.CA
8.15.11.08.10

ESET NOD32
Win32/Adware.MarketScore
9.11300

Fortinet FortiGate
Riskware/RK
11/8/2015

F-Secure
Dropped:Adware.Relevant.CA
11.2015-08-11_1

G Data
Dropped:Adware.Relevant.CA
15.11.25

K7 AntiVirus
Adware
13.200.15223

Kaspersky
not-a-virus:Monitor.Win32.RK
14.0.0.1153

MicroWorld eScan
Dropped:Adware.Relevant.CA
16.0.0.936

NANO AntiVirus
Trojan.Win32.Relevant.crgfum
0.30.0.296

Norman
RelevantKnowledge.A
11.20151108

nProtect
Dropped:Adware.Relevant.CA
15.03.10.01

Reason Heuristics
PUP.AthenaIT.Installer (M)
15.11.8.10

Rising Antivirus
PE:Trojan.Win32.Generic.12BA6426!314205222
23.00.65.151106

Zillya! Antivirus
Adware.RK.Win32.412
2.0.0.2093

File size:
3.7 MB (3,862,448 bytes)

Product version:
1.454

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\ccffacebooksetup-v1.454.exe

Digital Signature
Signed by:
Athena IT Limited

Authority:
COMODO CA Limited

Valid from:
12/8/2011 1:00:00 AM

Valid to:
12/8/2012 12:59:59 AM

Subject:
CN=Athena IT Limited, O=Athena IT Limited, STREET=3 Oakapple Close, STREET=Wanborough, L=Swindon, S=Wiltshire, PostalCode=SN4 0EW, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008454067F555736D1BA816D7AFE42CE92

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:I98GEQpTqdFiylaKNVhX3YqF+gua++T9J312ARd5+vSS6sLDeu:u8T0DyQqVSQYMPx5FKLl

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file ccffacebooksetup-v1.454.exe has been seen being distributed by the following URL.

http://files.chitchat.org.uk/CCFFacebookSetup-v1.454.exe

Remove ccffacebooksetup-v1.454.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.