» compilercontextualindex.exe
Overview
Analysis
File Details
Behaviors (1)

compilercontextualindex.exe

The application compilercontextualindex.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 23562 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host.

File name:

MD5:

bbcbc3a6e4ffbcd2ac8a3744e1133350

SHA-1:

09af8cc7a1eae599d3261dabf9f450ff6bc14094

SHA-256:

5a533f061e3e85fc1e7e1ed92e354a471b429377a653185d360a7cd75bc3be34

Scanner detections:

21 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 9:46:28 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.704998

870

Agnitum Outpost

PUA.Tirrip

7.1.1

Avira AntiVirus

Adware/Tirrip.ai

7.11.169.186

avast!

Win32:Adware-BXJ [Adw]

2014.9-140917

AVG

Adware Generic5

2015.0.3348

Baidu Antivirus

Adware.Win32.Pirrit

4.0.3.14917

Bitdefender

Application.Generic.704998

1.0.20.1300

Clam AntiVirus

Win.Adware.Tirrip

0.98/21411

Emsisoft Anti-Malware

Application.Generic.704998

8.14.09.17.09

ESET NOD32

Win32/AdWare.Pirrit.C application

8.7.0.302.0

F-Prot

W32/A-14d715a4

v6.4.7.1.166

F-Secure

Application.Generic.704998

11.2014-17-09_4

G Data

Application.Generic.704998

14.9.24

IKARUS anti.virus

PUA.Pirrit

t3scan.1.7.8.0

K7 AntiVirus

Adware

13.183.13198

MicroWorld eScan

Application.Generic.704998

15.0.0.780

NANO AntiVirus

Riskware.Win32.Tirrip.dekojw

0.28.2.62151

Panda Antivirus

Trj/Genetic.gen

14.09.17.11

Vba32 AntiVirus

AdWare.Tirrip

3.12.26.3

VIPRE Antivirus

Threat.4150696

32210

Zillya! Antivirus

Adware.Tirrip.Win32.24

2.0.0.1926

File size:

225.5 KB (230,949 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\freewarewordwizard\compilercontextualindex.exe

File PE Metadata

Compilation timestamp:

8/21/2014 8:34:53 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:BQ41lgo3MdffjbPtb7aeLf3dSX0TLuifKyz7O3jAu7:BQ4Kff/tbh3dy0TLuOK0O3jAu7

Entry address:

0x1CC29

Entry point:

E8, C5, 04, 00, 00, E9, 63, FD, FF, FF, CC, FF, 25, 3C, 81, 42, 00, FF, 25, 30, 81, 42, 00, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 40, 58, 43, 00, 89, 0D, 3C, 58, 43, 00, 89, 15, 38, 58, 43, 00, 89, 1D, 34, 58, 43, 00, 89, 35, 30, 58, 43, 00, 89, 3D, 2C, 58, 43, 00, 66, 8C, 15, 58, 58, 43, 00, 66, 8C, 0D, 4C, 58, 43, 00, 66, 8C, 1D, 28, 58, 43, 00, 66, 8C, 05, 24, 58, 43, 00, 66, 8C, 25, 20, 58, 43, 00, 66, 8C, 2D, 1C, 58, 43, 00, 9C, 8F, 05, 50, 58, 43, 00, 8B, 45, 00, A3, 44, 58, 43, 00, 8B, 45... 
[+]

Code size:

155 KB (158,720 bytes)

Local Proxy Server

Proxy for:

Internet Settings

Local host address:

http://127.0.0.1:23562/

Local host port:

23562

Default credentials:

Remove compilercontextualindex.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.