» pchealthboost-setupi.exe
Overview
Analysis
File Details

pchealthboost-setupi.exe

PCHealthBoost-Setup

Boost Software Inc

The application pchealthboost-setupi.exe, “PCHealthBoost Stub Installer KEN2-V ” by Boost Software Inc has been detected as a potentially unwanted program by 12 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore monetization download manager to download additional third party applications that may be unwanted by the user.

File name:

Publisher:

BoostSoftware Inc. (signed by Boost Software Inc)

Product:

PCHealthBoost-Setup

Description:

PCHealthBoost Stub Installer KEN2-V

Version:

2.1.1.11

MD5:

dd3bf4e03f85deca9d9edc116b09355a

SHA-1:

d27f5071abbaeaad3d26d9c1ba7da29e8d7aaadd

SHA-256:

49105d9ad72de5039c176cdeaff77c24f3eb44d5a482a76e637eed9da1e616d6

Scanner detections:

12 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 5:35:14 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Boostsoft

2017.0.2832

Dr.Web

riskware program Program.Unwanted.733

9.0.1.046

ESET NOD32

Detection.Undefined

10.7.0.302.0

G Data

Win32.Application.PCHealthBoost

16.2.25

IKARUS anti.virus

PUA.PCSpeedBoost

t3scan.1.8.9.0

K7 AntiVirus

Riskware

13.200.15223

Reason Heuristics

Win32.Generic

16.2.15.17

Rising Antivirus

PE:AdWare.Win32.Eorezo.a!1075356178

23.00.65.16213

Sophos

PUA 'Install Core Click run software'

5.21

Total Defense

Win32/PCHealth.VFOFfAD

37.1.62.1

Vba32 AntiVirus

Signed-Riskware.PCHealthBoost

3.12.26.3

Zillya! Antivirus

Trojan.Virlock.Win32.29883

2.0.0.2548

File size:

2.8 MB (2,925,848 bytes)

Product version:

2.1.1.11

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\pchealthboost-setupi.exe

Digital Signature

Signed by:

Boost Software Inc

Authority:

VeriSign, Inc.

Valid from:

3/12/2013 5:00:00 PM

Valid to:

4/11/2016 4:59:59 PM

Subject:

CN=Boost Software Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Boost Software Inc, L=Boston, S=Massachusetts, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

747D07834340AFF7F43E2259B7F02CBC

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:N9WbUzsIBrCGilUfNBI6KeCwjfjJjdkq/phI5jyBKAzjaM8iQRn/W68d9fyNmW5n:7WbUQ2rCGiluNBVXCwrjJ5HbkBSjaM84

Entry address:

0xA5F8

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55... 
[+]

Entropy:

7.9817

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

39.5 KB (40,448 bytes)

Remove pchealthboost-setupi.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.