» k9safer-surfk96.exe
Overview
Analysis
File Details
Behaviors (1)

k9safer-surfk96.exe

The application k9safer-surfk96.exe has been detected as adware by 21 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time.

File name:

k9safer-surfk96.exe

MD5:

90d77610771ba6f5d06bb81419fcbfc4

SHA-1:

1b84c2dc66ab7db7ecda3c1b633eafe81c75743e

SHA-256:

9897059100f683deacf5bea25b7e9daca712d98bcd23996638dfe634e8eb5969

Scanner detections:

21 / 68

Status:

Adware

Analysis date:

4/26/2024 3:18:10 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.150872

908

Agnitum Outpost

PUA.Agent

7.1.1

Avira AntiVirus

TR/Rogue.488448.1

7.11.167.154

avast!

Win32:Adware-gen [Adw]

2014.9-141001

Baidu Antivirus

Adware.Win32.Agent

4.0.3.14101

Bitdefender

Gen:Variant.Graftor.150872

1.0.20.1115

Emsisoft Anti-Malware

Gen:Variant.Graftor.150872

8.14.08.11.06

Fortinet FortiGate

Adware/Agent

10/1/2014

F-Secure

Trojan.GenericKD.1799873

11.2014-01-10_4

G Data

Gen:Variant.Graftor.150872

14.8.24

K7 AntiVirus

Riskware

13.183.13054

Kaspersky

not-a-virus:AdWare.Win32.Agent

15.0.0.494

MicroWorld eScan

Gen:Variant.Graftor.150872

15.0.0.669

NANO AntiVirus

Riskware.Win32.Agent.ddunga

0.28.2.61519

nProtect

Trojan.GenericKD.1799873

14.08.17.01

Panda Antivirus

Trj/Genetic.gen

14.08.11.06

Reason Heuristics

Threat.Win.Reputation.IMP

14.10.1.0

Sophos

Generic PUA OK

4.98

Trend Micro House Call

TROJ_GEN.R047H07HA14

7.2.274

Vba32 AntiVirus

AdWare.Agent

3.12.26.3

VIPRE Antivirus

Threat.5063086

31208

File size:

477 KB (488,448 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\ver8safer-surf\k9safer-surfk96.exe

File PE Metadata

Compilation timestamp:

8/10/2014 8:14:16 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:tD18a75bExFkL027NqXLgrqhMPvzJanXvNruTlAwTda0cuQ:tD1z71mFWILguha9uXv5wFcuQ

Entry address:

0x30E2B

Entry point:

E8, 1D, D0, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, E0, F6, 45, 00, 75, 02, F3, C3, E9, 73, D2, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, AA, CA, 00, 00, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 94, CA, 00, 00, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 57, 8B, 7B, 08, 33, 3D, E0, F6, 45, 00, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8B, 07, 8D, 73, 10, 83, F8, FE, 74, 0D, 8B... 
[+]

Code size:

304.5 KB (311,808 bytes)

Scheduled Task

Task name:

Safer-Surf Update

Trigger:

Daily (Runs daily at 20:02)

Action:

k9safer-surfk96.exe \update

Remove k9safer-surfk96.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.