de53e11c-56b8-465f-aaa2-b946adbde5ef.exe

Adpeak, Inc.

This is the installer for an Adpeak program that shows ads in the browser without providing information about the ad's origin. Ads are injected as banners or text links in random web pages. The application de53e11c-56b8-465f-aaa2-b946adbde5ef.exe by Adpeak has been detected as adware by 26 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory.
Publisher:
Adpeak, Inc.  (signed and verified)

MD5:
2db7b793f7ec390a90708950016d3e3b

SHA-1:
4d5383382386a87a312a38aa4a7873d74aac844d

SHA-256:
99c6e51c746b24e00bf03e65acfcdcd03d71e6f09d7137a35a962a328f851f16

Scanner detections:
26 / 68

Status:
Adware

Explanation:
Injects advertisements in the web browser in the form of banner ads and popups.

Analysis date:
4/27/2024 2:01:49 AM UTC

Scan engine             Detection                          Engine version
Agnitum Outpost         PUA.Adpeak                         7.1.1
AhnLab V3 Security      Win-PUP/Adpeak                     2015.10.12
Avira AntiVirus         ADWARE/Adware.Gen                  8.3.2.2
Arcabit                 Trojan.Adware.Graftor.D2149D       1.0.0.582
avast!                  Win64:Adware-S [PUP]               2014.9-151104
AVG                     Adpeak                             2016.0.2936
Bitdefender             Gen:Variant.Adware.Graftor.136349  1.0.20.1540
Bkav FE                 W32.HfsAdware                      1.3.0.7237
Clam AntiVirus          Win.Trojan.Generickd-1025          0.98/21511
Comodo Security         ApplicUnwnt                        23396
Dr.Web                  Adware.Downware.1720               9.0.1.0308
Emsisoft Anti-Malware   Gen:Variant.Adware.Graftor.136349  8.15.11.04.08
ESET NOD32              Win32/AdWare.Adpeak (variant)      9.12390
F-Secure                Gen:Variant.Adware.Graftor         11.2015-04-11_4
G Data                  Gen:Variant.Adware.Graftor.136349  15.11.25
IKARUS anti.virus       PUA.Adpeak                         t3scan.1.9.5.0
K7 AntiVirus            Adware                             13.210.17497
Malwarebytes            PUP.Optional.AdPeak                v2015.11.04.08
McAfee                  Artemis!2DB7B793F7EC               5600.6592
MicroWorld eScan        Gen:Variant.Adware.Graftor.136349  16.0.0.924
Panda Antivirus         Trj/CI.A                           15.11.04.08
Reason Heuristics       PUP.Adpeak.Installer (M)           15.11.4.8
Sophos                  AdPeak (PUA)                       4.98
SUPERAntiSpyware        Adware.AdPeak/Variant              9528
Trend Micro House Call  TROJ_GE.89E47AF5                   7.2.308
Trend Micro             TROJ_GE.89E47AF5                   10.465.04

File size:
541.8 KB (554,768 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\de53e11c-56b8-465f-aaa2-b946adbde5ef.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
7/17/2013 8:00:00 PM

Valid to:
9/24/2014 8:00:00 AM

Subject:
CN="Adpeak, Inc.", O="Adpeak, Inc.", L=Sarasota, S=Florida, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0E4C86026B3F1F3BDBEDF4DA58E8FF09

File PE Metadata
Compilation timestamp:
7/14/2013 4:09:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:/iMOsBocuJrdOlzVPx/qX6hNzZfG8SOkCTPkttAj1:JOsBocuJrd+HSKhppG8wCgM1

Entry address:
0x31DD

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 08, A3, 58, 4F, 43, 00, E8, 95, 2E, 00, 00, A3, A4, 4E, 43, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, B8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, A0, 3E, 43, 00, E8, 00, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, EE, 2A, 00, 00...
 

Entropy:
7.9729

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)
