ce vx824 [trusted download].exe

EliteCom LLC

The application ce vx824 [trusted download].exe by EliteCom has been detected as adware by 33 anti-malware scanners.
Publisher:
EliteCom LLC  (signed and verified)

MD5:
b0430503b76e5b7326e97de4c86e9527

SHA-1:
b733e419b67e70bbde88dc2d726b553d11cf77f1

SHA-256:
7b94d32a8a319236af8acb450a288df5fd74992582ed865a247795466dcddba4

Scanner detections:
33 / 68

Status:
Adware

Analysis date:
4/18/2024 1:55:46 AM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Generic.470051
6467926

Agnitum Outpost
Adware.WinPump
7.1.1

AhnLab V3 Security
Adware/Win32.FileHunter
2015.02.23

Avira AntiVirus
TR/Dropper.Gen
7.11.212.24

avast!
WinPump-G [PUP]
150203-1

AVG
Generic5_c
2016.0.3190

Bitdefender
Application.Generic.470051
1.0.20.265

Bkav FE
W32.WinPumpB.Adware
1.3.0.6379

Clam AntiVirus
Adware.Soge
0.98/20090

Comodo Security
ApplicUnwnt.Win32.AdWare.WinPump.~W
21175

Dr.Web
hacktool program Tool.WinPump.11
9.0.1.05190

Emsisoft Anti-Malware
Application.Generic.470051
9.0.0.4799

ESET NOD32
Win32/Adware.WinPump.V application
7.0.302.0

Fortinet FortiGate
PossibleThreat
2/22/2015

F-Prot
W32/Banker.T.gen
4.6.5.141

F-Secure
Riskware.Application.Generic.470051
5.13.68

G Data
Application.Generic.470051
15.2.25

K7 AntiVirus
Adware
13.197.15043

Kaspersky
not-a-virus:Downloader.Win32.FileHunter
15.0.0.543

Malwarebytes
PUP.Optional.FileHunter
v2015.02.22.05

MicroWorld eScan
Application.Generic.470051
16.0.0.159

NANO AntiVirus
Riskware.Win32.WinPump.cjedgz
0.30.0.296

Norman
Application.Generic.470051
03.12.2014 13:20:04

nProtect
Trojan/W32.Agent.4122800
15.02.17.01

Qihoo 360 Security
Malware.Radar03.Gen
1.0.0.1015

Quick Heal
Trojan.NSIS.Adload.A
2.15.14.00

Reason Heuristics
PUP.EliteCom
15.2.22.17

Sophos
PUA 'WinPump Installer' (of type Adware)
5.10

Vba32 AntiVirus
Riskware.WinPump
3.12.26.3

VIPRE Antivirus
Threat.4743607
37588

Zillya! Antivirus
Downloader.FileHunter.Win32.17
2.0.0.2078

File size:
3.9 MB (4,122,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ce vx824 [trusted download].exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
5/24/2011 2:00:00 AM

Valid to:
5/24/2012 1:59:59 AM

Subject:
CN=EliteCom LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=EliteCom LLC, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0D46ED94C2490FD92EB443BD7FC803C9

File PE Metadata
Compilation timestamp:
9/21/2011 9:36:49 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:Sg7kumfY67cfCxv6mfO4tMj0OxG0DznrdN:Lafcf6i8TONDPd

Entry address:
0x14C4BC

Entry point:
55, 8B, EC, 83, C4, F0, B8, 4C, 40, 54, 00, E8, 7C, E3, EB, FF, A1, AC, 57, 55, 00, 8B, 00, E8, 40, E7, F6, FF, A1, AC, 57, 55, 00, 8B, 00, B2, 01, E8, 6E, 04, F7, FF, A1, AC, 57, 55, 00, 8B, 00, BA, 2C, C5, 54, 00, E8, 3D, E1, F6, FF, 8B, 0D, CC, 59, 55, 00, A1, AC, 57, 55, 00, 8B, 00, 8B, 15, 24, 2D, 54, 00, E8, 21, E7, F6, FF, A1, AC, 57, 55, 00, 8B, 00, E8, 65, E8, F6, FF, E8, 58, 9E, EB, FF, B0, 04, 02, 00, FF, FF, FF, FF, 0A, 00, 00, 00, 46, 00, 69, 00, 6C, 00, 65, 00, 48, 00, 75, 00, 6E, 00, 74, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
1.3 MB (1,355,776 bytes)
