home

ccffacebooksetup-v1.51.exe

Chit Chat For Facebook

Athena IT Limited

The application ccffacebooksetup-v1.51.exe, “Chit Chat For Facebook Setup ” by Athena IT Limited has been detected as adware by 21 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
ChitChat.org.uk   (signed by Athena IT Limited)

Product:
Chit Chat For Facebook

Description:
Chit Chat For Facebook Setup

Version:
1.51

MD5:
affd93c40ef1209ac5f0d8230cf42c1f

SHA-1:
cf3a338853c06a93641a78acadeb89ece9f098b9

SHA-256:
870335c6e1cd9fd9652f0a794bb97aa6dcb8b9b03616b2a2b0597fef4e6caa93

Scanner detections:
21 / 68

Status:
Adware

Analysis date:
5/31/2024 4:02:59 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Relevant.BH
845

Avira AntiVirus
ADSPY/NaviPromo.J
7.11.148.228

avast!
Win32:PUP-gen [PUP]
2014.9-141012

AVG
RelevantKnowledge
2015.0.3323

Bitdefender
Adware.Relevant.BH
1.0.20.1425

Bkav FE
W32.Clod346.Trojan
1.3.0.4959

Comodo Security
ApplicUnwnt
18252

Dr.Web
Trojan.DownLoader7.55414
9.0.1.0285

Emsisoft Anti-Malware
Adware.Relevant.BH
8.14.10.12.06

ESET NOD32
Win32/Adware.MarketScore
8.9783

Fortinet FortiGate
Riskware/RK
10/12/2014

F-Secure
Adware.Relevant.BH
11.2014-12-10_1

G Data
Adware.Relevant.BH
14.10.24

K7 AntiVirus
Unwanted-Program
13.177.12041

Kaspersky
not-a-virus:Monitor.Win32.RK
14.0.0.3111

MicroWorld eScan
Adware.Relevant.BH
15.0.0.855

NANO AntiVirus
Trojan.Win32.Relevant.cbpeni
0.28.0.59608

nProtect
Adware.Relevant.BH
14.05.09.01

Reason Heuristics
PUP.Installer.AthenaITLimited.V
14.10.12.18

Rising Antivirus
PE:Trojan.Win32.Generic.149993EF!345609199
23.00.65.141010

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.0

File size:
4.6 MB (4,776,984 bytes)

Product version:
1.51

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ccffacebooksetup-v1.51.exe

Digital Signature
Signed by:
Athena IT Limited

Authority:
COMODO CA Limited

Valid from:
10/4/2012 3:00:00 AM

Valid to:
10/5/2013 2:59:59 AM

Subject:
CN=Athena IT Limited, O=Athena IT Limited, STREET=3 Oakapple Close, STREET=Wanborough, L=Swindon, S=Wiltshire, PostalCode=SN4 0EW, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5D66146D8B2A521181D5445267EC317C

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:RnTGEQpgdSjsp1z8Lmz8F1lLd44d93++TNFoRzvYRwPy076OBvFBvE:VTT/Isp1EmzwWC9OMNqpARwKz6FBc

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9956

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

Remove ccffacebooksetup-v1.51.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.