ccffacebooksetup-v1.53.exe

Chit Chat For Facebook

Athena IT Limited

The application ccffacebooksetup-v1.53.exe, “Chit Chat For Facebook Setup” by Athena IT Limited, has been detected as adware by 15 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. It is part of RelevantKnowledge, a program that is typically installed via a software bundle (with the user's knowledge, should they read the EULA) and that runs in the background, collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
ChitChat.org.uk (signed by Athena IT Limited)

Product:
Chit Chat For Facebook

Description:
Chit Chat For Facebook Setup

Version:
1.53

MD5:
9b582a84b18bc939727fcbc5b0e01089

SHA-1:
1e9492d68cd6e7e0d5fb509652d90cd71b908c36

SHA-256:
fe529b8b7321f6eeeeacbac0c1fcf47ae8612f00d842ec219fbac0ef3b6113fa

Scanner detections:
15 / 68

Status:
Adware

Analysis date:
4/23/2024 11:11:09 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Dropped:Adware.Relevant.CA | 901
Avira AntiVirus | ADSPY/NaviPromo.J | 7.11.166.250
avast! | Win32:PUP-gen [PUP] | 2014.9-140817
AVG | RelevantKnowledge | 2015.0.3379
Comodo Security | UnclassifiedMalware | 19181
Dr.Web | Adware.Relevant.81 | 9.0.1.0229
ESET NOD32 | Win32/Adware.MarketScore | 8.10251
Fortinet FortiGate | Riskware/RK | 8/17/2014
F-Secure | Dropped:Adware.Relevant.CA | 11.2014-17-08_1
K7 AntiVirus | Adware | 13.183.13043
Kaspersky | not-a-virus:HEUR:Monitor.Win32.RK | 14.0.0.3392
MicroWorld eScan | Dropped:Adware.Relevant.CA | 15.0.0.687
NANO AntiVirus | Trojan.Win32.Relevant.crgfum | 0.28.2.61519
Reason Heuristics | PUP.Installer.AthenaITLimited.V | 14.8.31.22
Trend Micro House Call | TROJ_GEN.F47V0526 | 7.2.229

File size:
5.8 MB (6,090,608 bytes)

Product version:
1.53

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ccffacebooksetup-v1.53.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/10/2013 5:00:00 PM

Valid to:
9/11/2015 4:59:59 PM

Subject:
CN=Athena IT Limited, O=Athena IT Limited, STREET=3 Oakapple Close, STREET=Wanborough, L=Swindon, S=Wiltshire, PostalCode=SN4 0EW, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
77A23924790352E85BE27B1F3714E36A

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:lrHEQL6oWbm7TJheVE837pMcw0ujB22++TcyxEhZZlzq9w3h3FPoe+:Vkyl7thG7pMcmwMlx01zl1QN

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file ccffacebooksetup-v1.53.exe has been seen being distributed by the following 4 URLs.

http://files.chitchat.org.uk/CCFFacebookSetup-v1.52.exe
