package_speeditup_installer_multilang.exe

speeditup

Tuto4PC.com

This is the Eorezo installer, which may include software offers for unwanted programs, including toolbars. The application package_speeditup_installer_multilang.exe, “speeditup Setup” by Tuto4PC.com, has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the Eorezo Downloader installer. It is also typically executed from the user's temporary directory.
Publisher:
Software (signed by Tuto4PC.com)

Product:
speeditup

Description:
speeditup Setup

MD5:
f67578cddfaff41b6b38d41c7773a5ce

SHA-1:
5d9d77a91bcee733ddb646b3f910671db3fe5e82

SHA-256:
e6aabc4ca3d67a124251f0d00b055b6f85da1c4c1ffd3d89c94cda504c9debc3

Scanner detections:
22 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/19/2024 9:39:59 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Adware.Eorezo.BZ | 799 |
| AhnLab V3 Security | PUP/Win32.Eorezo | 2014.11.11 |
| Avira AntiVirus | ADWARE/EoRezo.Gen | 7.11.188.194 |
| avast! | Adware-ASG [PUP] | 141119-1 |
| AVG | Generic | 2015.0.3277 |
| Baidu Antivirus | Adware.Win32.EoRezo | 4.0.3.141128 |
| Bitdefender | Adware.Eorezo.BZ | 1.0.20.1660 |
| Dr.Web | Adware.Eorezo.414 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Adware.Eorezo.BZ | 9.0.0.4570 |
| ESET NOD32 | Win32/AdWare.EoRezo.AW application | 7.0.302.0 |
| Fortinet FortiGate | Riskware/EoRezo | 11/28/2014 |
| F-Secure | Adware.Eorezo.BZ | 11.2014-28-11_6 |
| G Data | Adware.Eorezo.BZ | 14.11.24 |
| IKARUS anti.virus | PUA.EoRezo | t3scan.1.8.3.0 |
| K7 AntiVirus | Adware | 13.185.14134 |
| Malwarebytes | PUP.Optional.Tuto4PC.A | v2014.11.28.03 |
| MicroWorld eScan | Adware.Eorezo.BZ | 15.0.0.996 |
| nProtect | Adware.Eorezo.BZ | 14.11.25.01 |
| Reason Heuristics | PUP.Installer.Tuto4PC.f | 14.11.28.3 |
| Sophos | Generic PUA MO | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-RemoteAdmin | 10211 |
| VIPRE Antivirus | Tuto4PC | 35118 |

File size:
433.2 KB (443,600 bytes)

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Eorezo Downloader (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\package_speeditup_installer_multilang.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
10/27/2014 8:32:39 AM

Valid to:
12/7/2015 11:27:40 AM

Subject:
E=contact@tuto4pc.com, CN=Tuto4PC.com, O=Tuto4PC.com, L=Paris, S=Ile-de-France, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214E18677190942D49073E30C52D17C351

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:8QiGWdSthwC9UiQ+MBTlPadSfXioRcpMXVJo:8QijOmC9UMMBTlP0QjcpMXVJo

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 

Entropy:
7.9253

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)
