prolific usb serial comm port driver windows 7.exe

article or multiprocessor information

Sergey Panov

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application prolific usb serial comm port driver windows 7.exe by Sergey Panov has been detected as adware by 39 anti-malware scanners. The program is a setup application that uses the WebPick InstalleRex installer. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.
Publisher:
SQL  (signed by Sergey Panov)

Product:
article or multiprocessor information

Version:
2.2.0.0

MD5:
45752701b0c9f17b5baad9ea47268cd1

SHA-1:
54fdf67022ede136dd2820343d14b386410afdec

SHA-256:
19f7be30fa3e769a58bcd18c1205c7daa23a7d399d7aa1a47f8ee884181d8f30

Scanner detections:
39 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
4/24/2024 12:29:58 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Win32.Sality.3 | 947 |
| Agnitum Outpost | Win32.Sality.FA.Gen | 7.1.1 |
| AhnLab V3 Security | Win32/Kashu.E | 2014.06.24 |
| Avira AntiVirus | W32/Sality.AT | 7.11.30.172 |
| avast! | Win32:Sality | 2014.9-140702 |
| AVG | Win32/Sality | 2015.0.3425 |
| Baidu Antivirus | Virus.Win32.Sality.$Emu | 4.0.3.1472 |
| Bitdefender | Win32.Sality.3 | 1.0.20.915 |
| Bkav FE | W32.Sality.PE | 1.3.0.4959 |
| Comodo Security | Application.Win32.Multiplug.R | 18650 |
| Dr.Web | Trojan.Crossrider.24070 | 9.0.1.0183 |
| Emsisoft Anti-Malware | Win32.Sality | 8.14.07.02.02 |
| ESET NOD32 | Win32/Sality.NBA virus | 8.7.0.302.0 |
| F-Prot | W32/Sality.gen2 | v6.4.6.5.141 |
| F-Secure | Win32.Sality.3 | 11.2014-02-07_4 |
| G Data | Win32.Sality | 14.7.24 |
| IKARUS anti.virus | PUP.InstallRex | t3scan.1.6.1.0 |
| K7 AntiVirus | Virus | 13.180.12498 |
| Kaspersky | Virus.Win32.Sality | 14.0.0.3622 |
| Malwarebytes | PUP.Optional.MultiPlug.A | v2014.07.02.02 |
| McAfee | W32/Sality.gen.z | 5600.7081 |
| Microsoft Security Essentials | Threat.Undefined | 1.177.578.0 |
| MicroWorld eScan | Win32.Sality.3 | 15.0.0.549 |
| NANO AntiVirus | Virus.Win32.Sality.bzkem | 0.28.0.60475 |
| Norman | Sality.ZHB | 11.20140702 |
| nProtect | Win32.Sality.3 | 14.06.23.01 |
| Panda Antivirus | W32/Sality.AA | 14.07.02.02 |
| Qihoo 360 Security | Malware.QVM19.Gen | 1.0.0.1015 |
| Quick Heal | W32.Sality.U | 7.14.14.00 |
| Reason Heuristics | PUP.SergeyPanov.o | 14.7.3.1 |
| Rising Antivirus | PE:PUF.Graftor!1.9C49 | 23.00.65.14630 |
| Sophos | Mal/Sality-D | 4.98 |
| Total Defense | Win32/Sality.AA | 37.0.11018 |
| Trend Micro House Call | PE_SALITY.ER | 7.2.183 |
| Trend Micro | PE_SALITY.ER | 10.465.02 |
| Vba32 AntiVirus | Virus.Win32.Sality.bakb | 3.12.26.3 |
| VIPRE Antivirus | Threat.4758034 | 29708 |
| ViRobot | Win32.Sality.N | 2011.4.7.4223 |
| Zillya! Antivirus | Virus.Sality.Win32.20 | 2.0.0.1835 |

File size:
748.2 KB (766,128 bytes)

Product version:
2.2.0.0

Copyright:
Copyright (c) 2014

Original file name:
so and

File type:
Executable application (Win32 EXE)

Bundler/Installer:
WebPick InstalleRex

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\prolific usb serial comm port driver windows 7.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/25/2013 4:00:00 PM

Valid to:
9/26/2014 3:59:59 PM

Subject:
CN=Sergey Panov, O=Sergey Panov, STREET=Nevsky 34, L=Hiev, S=centr, PostalCode=03062, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
67EDB237B456844DA741B5D82EEC432C

File PE Metadata
Compilation timestamp:
6/18/2014 6:53:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:6dOc5Y/8ePQq3nfXg88/v/AGeGTn97/Yaux15i36sgMu9NPHlTVyLQ:6djfePQUPqoGeGTN/25i8JbPHlTsQ

Entry address:
0x15AEB

Entry point:
E8, 87, 7C, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 38, C1, 42, 00, E8, 6F, 0D, 00, 00, E8, A2, 03, 00, 00, 0F, B7, F0, 6A, 02, E8, 1A, 7C, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 53, 45, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
7.7740  (probably packed)

Code size:
129 KB (132,096 bytes)

The file prolific usb serial comm port driver windows 7.exe has been seen being distributed by the following URL.

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to r1.stylezip.info  (54.186.255.26:80)

TCP (HTTP):
Connects to c1.stylezip.info  (54.186.255.26:80)

 
http://c1.stylezip.info/?step_id=1&installer_id=7277768&publisher_id=277&source_id=0&page_id=0&country_code=US&locale=US&browser_id=4&download_id=21833304&external_id=0&session_id=43666608&hardware_id=50944376&installer_file_name=prolific+usb+serial+comm+port+driver+windows+7