home

koyotesofttoolbar.exe

Koyote Soft Toolbar v7.0

Spigot, Inc.

This component is part of the Spigot browser add-on, a web browser addition that is designed to modify the core search provider in order to redirect search queries through partner portals. The application koyotesofttoolbar.exe, “Setup Launcher Unicode” by Spigot has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Spigot Setup installer.
Publisher:
Spigot, Inc.  (signed and verified)

Product:
Koyote Soft Toolbar v7.0

Description:
Setup Launcher Unicode

Version:
7.0

MD5:
15da6b136ed83fd3635f067927aac34f

SHA-1:
a318d9cbc91202b66a693741113744f4b03f1e71

SHA-256:
d6ee670cbad23eada50e772dd59bf03407040ea30f43a7c633d094cbbce2fe08

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 1:44:51 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Spigot.Installer
17.2.4.17

File size:
4.8 MB (5,035,008 bytes)

Product version:
7.0

Copyright:
Copyright ?? 2005-2013 Spigot, Inc.

Original file name:
InstallShield Setup.exe

File type:
Executable application (Win32 EXE)

Installer:
Spigot Setup

Language:
English (United States)

Common path:
C:\windows\temp\koyotesofttoolbar.exe

Digital Signature
Signed by:
Spigot, Inc.

Authority:
VeriSign, Inc.

Valid from:
2/25/2012 9:00:00 PM

Valid to:
3/28/2015 8:59:59 PM

Subject:
CN="Spigot, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Spigot, Inc.", L=El Granada, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
494FF8E91607158CD480B23C615CFF8B

File PE Metadata
Compilation timestamp:
8/2/2010 1:52:15 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x681F8

Entry point:
E8, 71, 27, 01, 00, E9, 79, FE, FF, FF, 85, C0, 74, 0D, 33, C9, 85, C0, 0F, 9F, C1, 8D, 4C, 09, FF, 8B, C1, C3, 0F, B6, 00, 0F, B6, 09, 2B, C1, 74, 0D, 33, C9, 85, C0, 0F, 9F, C1, 8D, 4C, 09, FF, 8B, C1, C3, 66, 8B, 06, 66, 3B, 01, 74, 35, 0F, B6, 11, 0F, B6, C0, 2B, C2, 74, 11, 33, D2, 85, C0, 0F, 9F, C2, 8D, 54, 12, FF, 8B, C2, 85, C0, 75, 1C, 0F, B6, 46, 01, 0F, B6, 49, 01, 2B, C1, 74, 10, 33, C9, 85, C0, 0F, 9F, C1, 8D, 4C, 09, FF, 8B, C1, C3, 33, C0, C3, 8B, 06, 3B, 01, 74, 6F, 0F, B6, 11, 0F, B6, C0...
 
[+]

Code size:
684 KB (700,416 bytes)

Remove koyotesofttoolbar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.