» cool.exe
Overview
Analysis
File Details

cool.exe

Supersoft

The application cool.exe by Supersoft has been detected as adware by 21 anti-malware scanners.

File name:

cool.exe

Publisher:

Supersoft (signed and verified)

Version:

0.0.0.0

MD5:

f0fa02f55f041e61b163ffba98525570

SHA-1:

03c8abae69f2ef761c74c4be1c3c2fa369001d49

SHA-256:

31202904d271aaec069abeb07a1936ccbd1f92a16e754061ef507317480ff538

Scanner detections:

21 / 68

Status:

Adware

Analysis date:

4/24/2024 10:20:33 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.98385

942

AhnLab V3 Security

Spyware/Win32.Zbot

2014.07.08

Avira AntiVirus

TR/Zusy.98385

7.11.158.200

avast!

Win32:Zbot-UFN [Trj]

2014.9-140707

Bitdefender

Gen:Variant.Zusy.98385

1.0.20.940

Emsisoft Anti-Malware

Gen:Variant.Zusy.98385

8.14.07.07.05

Fortinet FortiGate

W32/Kryptik.AHOB!tr

7/7/2014

F-Secure

Gen:Variant.Zusy.98385

11.2014-07-07_2

G Data

Gen:Variant.Zusy.98385

14.7.24

IKARUS anti.virus

Virus.Win32.Injector

t3scan.1.6.1.0

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.3596

McAfee

RDN/Generic.dx!dds

5600.7076

Microsoft Security Essentials

VirTool:Win32/Injector.EU

1.10701

MicroWorld eScan

Gen:Variant.Zusy.98385

15.0.0.564

Panda Antivirus

Trj/CI.A

14.07.07.05

Qihoo 360 Security

Win32/Trojan.6e9

1.0.0.1015

Reason Heuristics

PUP.Supersoft.E

14.7.27.14

Rising Antivirus

PE:Malware.Obscure!1.9C59

23.00.65.14705

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_GEN.R047H07G714

7.2.188

Vba32 AntiVirus

Malware-Cryptor.Inject.gen

3.12.26.3

File size:

590.3 KB (604,456 bytes)

Product version:

0.0.0.0

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Supersoft

Authority:

Supersoft

Valid from:

9/30/2012 10:26:38 AM

Valid to:

1/1/2040 12:59:59 AM

Subject:

CN=Supersoft

Issuer:

CN=Supersoft

Serial number:

6B50254A40C7CFB14A405056B8F04272

File PE Metadata

Compilation timestamp:

10/26/2009 4:30:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:Ecn9QrmOBmslD5KOyt++VbChfxDewGdv+b:19KmOBFjQjVbChJD1Gd+

Entry address:

0x4001C80

Entry point:

55, 8B, EC, 33, C0, 5D, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

7.5 KB (7,680 bytes)

Remove cool.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.