» descargar3.exe
Overview
Analysis
File Details
Programs (1)

descargar3.exe

Zorba Networks SL

The application descargar3.exe by Zorba Networks SL has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program RechercherWeb Toolbar by Conduit Ltd. which is a potentially unwanted software program.

File name:

descargar3.exe

Publisher:

Zorba Networks SL (signed and verified)

Version:

1,0,0,0

MD5:

f23f640cb842c9b602e54f751caa81c0

SHA-1:

49845c72d647d5a9be275757d9c2e87ceb95fe51

SHA-256:

d98949fcbe355d4fc141f16bd9a37f34c644acdc661dc8951ec6d7edeb51d4c3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 1:15:16 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.ZorbaNetworks (M)

16.2.4.4

File size:

2.7 MB (2,869,976 bytes)

Product version:

1,0,0,0

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\rechercherweb toolbar\descargar3.exe

Digital Signature

Signed by:

Zorba Networks SL

Authority:

The USERTRUST Network

Valid from:

12/1/2010 1:00:00 AM

Valid to:

12/2/2011 12:59:59 AM

Subject:

CN=Zorba Networks SL, O=Zorba Networks SL, STREET=Jativa 11, L=Madrid, S=Madrid, PostalCode=28007, C=ES

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

00F76718D8D4283725CF8801D7DED56F05

File PE Metadata

Compilation timestamp:

11/8/2010 2:12:00 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

2.50

CTPH (ssdeep):

49152:Ft0a0epQBeIrl1DCx5s1e7nf2AZ6nU4NctCLhDvNbEDe9yxhO+:wa0B3Cx5A+nf2AZEXNaC1Dqp

Entry address:

0x2D02D0

Entry point:

60, BE, 15, 60, 41, 00, 8D, BE, EB, AF, FE, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, E1, 99, 2C, 00, 57, 83, C3, 04, 53, 68, B6, A2, 2B, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

2.7 MB (2,863,104 bytes)

The file descargar3.exe has been discovered within the following program.

RechercherWeb Toolbar by Conduit Ltd.

This is a Conduit toolbar installed in the user's Web browsers (IE, Chrome and Firefox) that collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide ads via the toolbar.

64% remove it

Remove descargar3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.