home

RankeyTB_install.EXE

Rankey Toolbar Installer

Mediachannel Inc.

This is a self-extracting archive and installer. The file has been seen being downloaded from toolbar.rankey.com and multiple other hosts.
Publisher:
Mediachannel Inc.  (signed and verified)

Product:
Rankey Toolbar Installer

Version:
7.0.0.4

MD5:
6a83e57fed19eeba1d25d349f351bebd

SHA-1:
14025990fd8c379cdf5e9bdcc6ca55f4dfcfa7eb

SHA-256:
b0b745a94ac7382bc0d0558f303c1402a536a619cefe4b9d2c987338e3aad4e1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 9:24:57 PM UTC  (today)

File size:
18.7 MB (19,562,240 bytes)

Product version:
7.0.0.4

Copyright:
Copyright MediaChannel Inc. All rights reserved

Trademarks:
MediaChannel

Original file name:
RankeyTB_install.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\rankeytb_install.exe

Digital Signature
Signed by:
Mediachannel Inc.

Authority:
GlobalSign nv-sa

Valid from:
6/22/2016 11:13:57 AM

Valid to:
6/22/2018 5:49:49 PM

Subject:
CN=Mediachannel Inc., O=Mediachannel Inc., L=Mapo-gu, S=Seoul, C=KR

Issuer:
CN=GlobalSign CodeSigning CA - G3, O=GlobalSign nv-sa, C=BE

Serial number:
4CD7B08363C42301D93E1D87

File PE Metadata
Compilation timestamp:
8/29/2016 2:31:52 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
393216:ZpaxWAdqQnUnL7XNk3aFYiFEz6j7lkn26F:ZpaxakziJj7lkfF

Entry address:
0x13DCE1

Entry point:
E8, 85, 88, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 14, 85, F6, 75, 04, 33, C0, EB, 6D, 8B, 45, 08, 85, C0, 75, 13, E8, B3, 25, 00, 00, 6A, 16, 5E, 89, 30, E8, 3A, 8F, 00, 00, 8B, C6, EB, 53, 57, 8B, 7D, 10, 85, FF, 74, 14, 39, 75, 0C, 72, 0F, 56, 57, 50, E8, D7, 18, 00, 00, 83, C4, 0C, 33, C0, EB, 36, FF, 75, 0C, 6A, 00, 50, E8, 45, 0A, 00, 00, 83, C4, 0C, 85, FF, 75, 09, E8, 72, 25, 00, 00, 6A, 16, EB, 0C, 39, 75, 0C, 73, 13, E8, 64, 25, 00, 00, 6A, 22, 5E, 89, 30, E8, EB, 8E, 00, 00, 8B, C6...
 
[+]

Entropy:
7.2505

Code size:
1.4 MB (1,480,704 bytes)

The file RankeyTB_install.EXE has been seen being distributed by the following 2 URLs.

http://toolbar.rankey.com/.../toolbar_download.php?nvy_ver=6.0001&br=IE

http://toolbar.rankey.com/.../toolbar_download.php

Scan RankeyTB_install.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.