mysearchdial.exe

MySearchDial

MDS

The application mysearchdial.exe, “Setup” by MDS, has been detected as adware by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The setup program uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. It is also typically executed from the user's temporary directory.
Publisher:
Setup © (signed by MDS)

Product:
MySearchDial

Description:
Setup

Version:
2.18.4.0

MD5:
89825befd01d63d27bc867847a7d0c3a

SHA-1:
0832800856700f014a36c7491a701b5c269a9a6a

SHA-256:
7618d0e4fa8f9476be51d9acc5fa1aa896e3eeaa6b56d535330cc335ebe026fc

Scanner detections:
2 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/25/2024 11:13:11 PM UTC

Scan engine | Detection | Engine version
Reason Heuristics | PUP.Installer.MDS | 15.5.30.8
Vba32 AntiVirus | | 3.12.24.3

File size:
1.9 MB (2,012,904 bytes)

Product version:
2.18.4.0

Original file name:
MySearchDial_2.18.4.0.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\13929691_stp\mysearchdial.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
2/2/2014 6:00:00 PM

Valid to:
2/3/2015 5:59:59 PM

Subject:
CN=MDS, O=MDS, STREET=28 Lilinblum St., L=Tel-Aviv, S=Israel, PostalCode=6513307, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B95CED86999C43270B036A9868F2DF3E

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:b8meB09TLnq0n7TnrrbFPh/Tm0qBhvll3ISMi:ojB01nPnrrxPh/Tm0U4c

Entry address:
0x78B1C

Entry point:
55, 8B, EC, 83, C4, F0, B8, EC, 87, 47, 00, E8, 34, EC, F8, FF, 33, C0, E8, 65, EB, FF, FF, E8, 78, C3, F8, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
479 KB (490,496 bytes)
