» homepage.exe
Overview
Analysis
File Details

homepage.exe

Home Page

CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti

The file homepage.exe by CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Sti has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

homepage.exe

Publisher:

CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti (signed and verified)

Product:

Home Page

Version:

1.0.0.0

MD5:

7726a4f11f858b5eae13debe2ec9d04f

SHA-1:

d9aee2a1ec9f9f7ea2161053a77109583904d713

SHA-256:

f60e4a66222a1bdb2fb9935ac70856db747492ab17b664348b7b865638f998e5

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

5/4/2024 6:37:19 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.CNTBilisimTeknolojisipazrekturltlhTicSti (M)

15.12.27.8

File size:

14.8 KB (15,192 bytes)

Product version:

1.0.0.0

Original file name:

Home Page.exe

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\homepage.exe.fzlnuuq.partial

Digital Signature

Signed by:

CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti

Authority:

COMODO CA Limited

Valid from:

2/5/2014 7:00:00 PM

Valid to:

2/5/2017 6:59:59 PM

Subject:

CN=CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti, O=CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti, STREET=273/1 Sk. Mansuroglu Mah. Narlibahce Sit. No:6 B1 Blok Daire:2, L=Izmir, S=Izmir, PostalCode=35030, C=TR

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00FD38E0D9B8EC881E28CC1693FCA30FC5

File PE Metadata

Compilation timestamp:

12/15/2015 9:16:56 AM

OS version:

4.0

OS bitness:

Win64

Subsystem:

Windows Console

Linker version:

48.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

192:wdELlsH2pXyIcHDk9Q1qq00Zr9SvWb9+A8H738LWM1bKDBg2l5XZU:jsHnIcHDpSWb9Z8z81KD55XZU

Entry address:

0x2F6A

Entry point:

4D, 5A, 90, 00, 03, 00, 00, 00, 04, 00, 00, 00, FF, FF, 00, 00, B8, 00, 00, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 00, 00, 00, 0E, 1F, BA, 0E, 00, B4, 09, CD, 21, B8, 01, 4C, CD, 21, 54, 68, 69, 73, 20, 70, 72, 6F, 67, 72, 61, 6D, 20, 63, 61, 6E, 6E, 6F, 74, 20, 62, 65, 20, 72, 75, 6E, 20, 69, 6E, 20, 44, 4F, 53, 20, 6D, 6F, 64, 65, 2E, 0D, 0D, 0A, 24, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

4 KB (4,096 bytes)

Remove homepage.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.