home

genieo.exe

Genieo Platfrom

Genieo Innovation LTD

The application genieo.exe by Genieo Innovation has been detected as a potentially unwanted program by 2 anti-malware scanners.
Publisher:
Genieo Innovation Ltd.  (signed by Genieo Innovation LTD)

Product:
Genieo Platfrom

Version:
0.9.104.0

MD5:
9725efec3be1b1dd1c2fd96b9b7ba285

SHA-1:
18516ad11cab8d6f76396727c458c3ab81b40b35

SHA-256:
fce2b75010bdb99755cb8ae9563c63d41cbd1fca737ae9b09adc33e3097c75be

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Inserts ads in the web browser and modifies the home page. "Genieo Innovation’s Software may include advertisements, which may be targeted to the content or information on the Software, queries made through the Software, or from other information. You agree that we and our third party providers and partners may place advertising on our Software or in connection with the display of content or information on our Software." (EULA)

Analysis date:
4/19/2024 11:12:09 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Genieo Innovation LTD
2017.0.2842

Reason Heuristics
PUP.GenieoInnovation (M)
16.2.5.23

File size:
47.4 KB (48,552 bytes)

Product version:
0.9.104.0

Copyright:
(C) 2009 Genieo Innovation Ltd.

Original file name:
genieo.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\genieo\application\engine\bin\genieo.exe

Digital Signature
Signed by:
Genieo Innovation LTD

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
2/8/2010 7:00:00 PM

Valid to:
2/8/2012 6:59:59 PM

Subject:
CN=Genieo Innovation LTD, O=Genieo Innovation LTD, L=Herzliah, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
2E479E66C397C49FA9F82D47B7227317

File PE Metadata
Compilation timestamp:
10/3/2010 2:34:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
768:L/ToGvEZu+0L2HEjVlyjMkx/TwksnOEtJD+8SvZUhkKY9qhg:IGtgHEjSNTwksnntN+zUhkl06

Entry address:
0x1290

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 9C, 12, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, DC, 12, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, C4, 12, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, BA, 80, 00, 00, 00, 89, E5, 57, 31, C0, 8D, BD, E8, FE, FF, FF, 56, 53, 81, EC, 1C, 01, 00, 00, 89, 54, 24, 08, 89, 44, 24, 04, 89, 3C, 24, E8, B7, 3F, 00, 00, 89, 7C, 24, 04, C7, 04, 24, 18, 00, 00, 00, E8, 07, 0B, 00, 00, 85, C0, 0F, 84, 7C, 00, 00...
 
[+]

Packer / compiler:
MingWin32

Code size:
18 KB (18,432 bytes)

Remove genieo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.