home

infoatoms.exe2771d61f

InfoAtoms

InfoAtoms Inc.

This is part of the InfoAtoms browser extension which will display variopus forms of advertising in the web browser by injecting new ads such as banner, text-links and search results. The file infoatoms.exe2771d61f, “InfoAtoms Installer” by InfoAtoms has been detected as adware by 26 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory.
Publisher:
InfoAtoms Inc.  (signed and verified)

Product:
InfoAtoms

Description:
InfoAtoms Installer

Version:
1.6.0.0

MD5:
97374cd4b834b85e7642dc6bcbfb4c78

SHA-1:
313b160c0b877b443bbfd01a11ca81bf188edf22

SHA-256:
1fd389c0ad6da0336d53d01a12b8a677040598fbab8e75c70843238ce987f4f2

Scanner detections:
26 / 68

Status:
Adware

Analysis date:
4/19/2024 5:17:53 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.InfoAtoms.A
861

Agnitum Outpost
Adware.InfoAtoms
7.1.1

Avira AntiVirus
Adware/InfoAtoms.A
7.11.172.156

avast!
Win32:InfoAtoms-A [Adw]
2014.9-140926

Bitdefender
Adware.InfoAtoms.A
1.0.20.1345

Comodo Security
ApplicUnwnt
19531

Dr.Web
Adware.Plugin.70
9.0.1.0269

Emsisoft Anti-Malware
Adware.InfoAtoms
8.14.09.26.10

ESET NOD32
Win32/AdWare.Vitruvian (variant)
8.10426

F-Secure
Adware.InfoAtoms.A
11.2014-26-09_6

G Data
Adware.InfoAtoms
14.9.24

IKARUS anti.virus
AdWare.Win32.InfoAtoms
t3scan.1.7.8.0

K7 AntiVirus
Adware
13.183.13393

McAfee
Artemis!97374CD4B834
5600.6995

Microsoft Security Essentials
Adware:Win32/InfoAtoms
1.11005

MicroWorld eScan
Adware.InfoAtoms.A
15.0.0.807

NANO AntiVirus
Trojan.Win32.Plugin.cultss
0.28.2.62151

nProtect
Adware.InfoAtoms.A
14.09.16.01

Panda Antivirus
Trj/CI.A
14.09.26.10

Qihoo 360 Security
Win32/Virus.Adware.ce0
1.0.0.1015

Quick Heal
AdWare.InfoAtoms.r5 (Not a Virus)
9.14.14.00

Reason Heuristics
PUP.Installer.InfoAtoms.R
14.9.26.22

Sophos
Generic PUA EN
4.98

Trend Micro House Call
TROJ_SPNR.0BFR13
7.2.269

Trend Micro
TROJ_SPNR.0BFR13
10.465.26

VIPRE Antivirus
InfoAtoms
33174

File size:
1.1 MB (1,194,192 bytes)

Product version:
1.6.0.0

Copyright:
Copyright 2012 InfoAtoms Inc.

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\ares_lfea_nload_html_103\software\infoatoms.exe2771d61f

Digital Signature
Signed by:
InfoAtoms Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
4/12/2012 2:06:59 PM

Valid to:
4/3/2013 4:35:07 PM

Subject:
CN=InfoAtoms Inc., O=InfoAtoms Inc., L=La Jolla, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
04788136C18C1C

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:OaqU7NGmCteR1fT4Bn5Ay/VfpKDRKUebE:xZ7NGmZfTC9VEoE

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.9842

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Remove infoatoms.exe2771d61f - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.