» o9re-markablew.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

o9re-markablew.exe

The application o9re-markablew.exe has been detected as adware by 14 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program Re-Markable by Revizer Technologies which is a potentially unwanted software program.

File name:

o9re-markablew.exe

MD5:

170cf06a74365d3a7a8f3be228248f19

SHA-1:

f51c6db00d54918918b600a06622e2e8b2dd44d0

SHA-256:

d727768a8ccfdd52613acf666a38b0bf9306f954822be1763f6177fdbd8d6e59

Scanner detections:

14 / 68

Status:

Adware

Analysis date:

4/25/2024 11:37:56 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.146923

928

Avira AntiVirus

Adware/AddLyrics.BA

7.11.162.212

avast!

Win32:Adware-gen [Adw]

2014.9-140722

AVG

Generic5

2015.0.3406

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.14722

Bitdefender

Gen:Variant.Adware.Graftor.146923

1.0.20.1015

Comodo Security

Application.Win32.Adware.WDUnlocker.A

18896

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.146923

8.14.07.22.04

ESET NOD32

Win32/AdWare.AddLyrics.AW (variant)

8.10120

F-Secure

Gen:Variant.Adware.Graftor.146923

11.2014-22-07_3

G Data

Gen:Variant.Adware.Graftor.146923

14.7.24

MicroWorld eScan

Gen:Variant.Adware.Graftor.146923

15.0.0.609

Reason Heuristics

Threat.Win.Reputation.IMP

14.7.22.4

Trend Micro House Call

TROJ_GEN.R08NH09GH14

7.2.203

File size:

96 KB (98,304 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\di1re-markable\o9re-markablew.exe

File PE Metadata

Compilation timestamp:

7/15/2014 9:31:45 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:7ei9WyQ8DdDeZywNXcUPokcQDDJ6JsWjcd9+96rLjNE:7ei9Wy/0pCgomDX9+96P5

Entry address:

0x43E4

Entry point:

E8, 44, 40, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 60, 40, 41, 00, 33, C5, 89, 45, FC, 83, 7D, 08, FF, 57, 74, 09, FF, 75, 08, E8, 28, 1C, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, 88, 41, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC... 
[+]

Entropy:

5.6467

Code size:

46.5 KB (47,616 bytes)

Scheduled Task

Task name:

Re-Markable_wd

Trigger:

Daily (Runs daily at 12:47 PM)

The file o9re-markablew.exe has been discovered within the following program.

Re-Markable by Revizer Technologies

Re-Markable is an advertising injecting web browser addon that displays ads on web pages not associated with the program. It does this by using a local proxy server to route all web traffic through and display ads in the forms of banner ads, video ads and text-links.

re-markable.net

80% remove it

Remove o9re-markablew.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.