» flowers pack 1.0 setup.exe
Overview
Analysis
File Details

flowers pack 1.0 setup.exe

PowerOfSOftware Ltd.

The application flowers pack 1.0 setup.exe by PowerOfSOftware has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.

File name:

Publisher:

PowerOfSOftware Ltd. (signed and verified)

MD5:

e58a2f564e0a792c7ab959f4ccd1e08c

SHA-1:

babc50c9b6c9512221326c9f34b3f233d34d0612

SHA-256:

8be0f807b4ac7759a704d434bc16adb67d91a08260e9e5d31dd1ff3c6f1ea08f

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 11:17:17 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Installer.PowerOfSOftware.V

14.7.27.14

SUPERAntiSpyware

Adware.RelevantKnowledge

10566

File size:

2.2 MB (2,343,496 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

PowerOfSOftware Ltd.

Authority:

VeriSign, Inc.

Valid from:

11/14/2012 5:00:00 PM

Valid to:

11/15/2013 4:59:59 PM

Subject:

CN=PowerOfSOftware Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=PowerOfSOftware Ltd., L=Rison Le-Ziyyon, S=ISRAEL, C=IL

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

71932DC939C36251EE6F4F64D0086F55

File PE Metadata

Compilation timestamp:

7/31/2010 8:32:56 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

49152:Q+fq2R5m5YopsWpJe47ztZv+CjIzj9i+ScZ8Jrvmj:Q+fZkYG1e41ZGQSjc+ScZwrej

Entry address:

0x29432

Entry point:

55, 8B, EC, 6A, FF, 68, 88, C8, 42, 00, 68, C0, 8C, 42, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 38, C1, 42, 00, 33, D2, 8A, D4, 89, 15, 20, 39, 48, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 1C, 39, 48, 00, C1, E1, 08, 03, CA, 89, 0D, 18, 39, 48, 00, C1, E8, 10, A3, 14, 39, 48, 00, 33, F6, 56, E8, E0, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 33, 14, 00, 00, FF, 15, 0C, C1, 42, 00, A3, 20, 3E, 48, 00, E8... 
[+]

Entropy:

7.9712

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

171 KB (175,104 bytes)

Remove flowers pack 1.0 setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.