dca-monitoring.exe

Compete DCA Monitoring Tool

Compete Inc

The application dca-monitoring.exe by Compete Inc has been detected as a potentially unwanted program by 5 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program Consumer Input (remove only) by Compete Inc. which is a potentially unwanted software program.
Publisher:
Compete, Inc.  (signed by Compete Inc)

Product:
Compete DCA Monitoring Tool

Version:
3.2.1.631

MD5:
ec4025f6b4b73e6a4d8bea6c5fec6101

SHA-1:
faa0a123260c852792a4e16fe77ef4b480ab81a3

SHA-256:
46453fb15572f401c440b54f0f79156ee3759a06b4afcb0cb04eaf715f1516af

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
12/13/2017 7:03:38 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

Dr.Web
Trojan.Damaged.1
9.0.1.0213

Reason Heuristics
PUP.Task.Compete.O
14.8.1.0

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10449

VIPRE Antivirus
Compete
29702

File size:
1 MB (1,082,240 bytes)

Product version:
3.2.1.631

Copyright:
(c) Compete, Inc. All rights reserved.

Original file name:
dca-monitoring.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\consumer input\monitoring\dca-monitoring.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/6/2012 7:00:00 PM

Valid to:
1/10/2015 6:59:59 PM

Subject:
CN=Compete Inc, OU=operations, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Compete Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4A4ACAE072F8065D9C03E2A2240975B0

File PE Metadata
Compilation timestamp:
5/22/2014 10:33:34 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:+a+oxTvXOT6JDK6uv/159Vu283fMg4Sq7Ak330N3:R+Ev9cnVP83fMg4kk38

Entry address:
0x985E9

Entry point:
E8, 0D, AE, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 51, 8B, 45, 0C, 57, 8B, 7D, 08, 85, C0, 74, 02, 89, 38, 85, FF, 75, 17, E8, 7A, 53, 00, 00, C7, 00, 16, 00, 00, 00, E8, EF, 72, 00, 00, 33, C0, E9, 90, 01, 00, 00, 83, 7D, 10, 00, 74, 0C, 83, 7D, 10, 02, 7C, DD, 83, 7D, 10, 24, 7F, D7, 83, 65, FC, 00, 53, 56, 6A, 08, 5B, 0F, B7, 37, 53, 56, 83, C7, 02, E8, EC, AF, 00, 00, 59, 59, 85, C0, 75, ED, 66, 83, FE, 2D, 75, 06, 83, 4D, 14, 02, EB, 06, 66, 83, FE, 2B, 75, 06, 0F, B7, 37, 83, C7, 02, 83...
 
[+]

Entropy:
6.5743

Code size:
757.5 KB (775,680 bytes)

Scheduled Task
Task name:
CIMT_SID

Trigger:
Daily (Runs daily at 10:16 PM)

Description:
Keeps dca-monitoring tool running.


The file dca-monitoring.exe has been discovered within the following program.

Consumer Input (remove only)  by Compete Inc.
Consumer Input is the collection and analytics software for Compete.com statistics for Microsoft Internet Explorer. Compete.com is a web traffic analysis service that publishes the approximate number of global visitors to the top web sites in the world.
www.consumerinput.com
61% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to ec2-54-174-111-151.compute-1.amazonaws.com  (54.174.111.151:443)

TCP (HTTP SSL):
Connects to unallocated.barefruit.co.uk  (92.242.140.21:443)

Remove dca-monitoring.exe - Powered by Reason Core Security