» RebateInf.exe
Overview
Analysis
File Details
Programs (1)

RebateInf.exe

RebateInformer

Inbox.com, Inc

The application RebateInf.exe by Inbox.com, Inc has been detected as a potentially unwanted program by 8 anti-malware scanners. This file is typically installed with the program RebateInformer by Inbox.com, Inc. which is a potentially unwanted software program.

File name:

RebateInf.exe

Publisher:

Inbox.com, Inc. (signed by Inbox.com, Inc)

Product:

RebateInformer

Version:

1.0.0.106

MD5:

6747c46fb10f8e34c1eacfd6f21ac908

SHA-1:

c92e35bc30cff16a9eb21c22123a5f940c2dccc3

SHA-256:

a64544bc7a28f32ca1b32e821372f6f0bdcc410ce090f3b7553184a6c603ee26

Scanner detections:

8 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 4:21:29 AM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

Troj.Crypt.XPACK.Gen3

2.1.4+

Baidu Antivirus

Adware.Win32.Inbox

4.0.3.14107

ESET NOD32

Win32/Toolbar.Inbox (variant)

8.9178

Malwarebytes

PUP.Optional.RebateInformer.A

v2014.08.29.12

McAfee

Artemis!EFDDAFB6B7D3

5600.6985

Reason Heuristics

PUP.Inbox.J

14.8.29.0

Trend Micro House Call

TROJ_GEN.F47V0724

7.2.241

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

File size:

1.5 MB (1,542,280 bytes)

Product version:

1.0.0.106

Original file name:

RebateInf.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\rebateinformer\rebateinf.exe

Digital Signature

Signed by:

Inbox.com, Inc

Authority:

Thawte, Inc.

Valid from:

8/28/2011 7:00:00 PM

Valid to:

9/4/2013 6:59:59 PM

Subject:

CN="Inbox.com, Inc", OU=INBOX.COM, O="Inbox.com, Inc", L=Wilmington, S=DELAWARE, C=US

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

263A9EA35EE9217F9233ABD64FC388C0

File PE Metadata

Compilation timestamp:

4/4/2013 8:53:33 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:RFqQ/hNTGkakYt3mFlH3VuC4PL7/49M5Mjkwai4MFs/c2CPB5R6DgjN7xWWnD:RFj7Gk7Yt2/XS34KaacFs/tCPXRpNgW

Entry address:

0x8B878

Entry point:

55, 8B, EC, 83, C4, F0, B8, 60, A3, 48, 00, E8, 90, BB, F7, FF, E8, FF, E0, FF, FF, E8, 96, 96, F7, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.6265

Developed / compiled with:

Microsoft Visual C++

Code size:

553 KB (566,272 bytes)

The file RebateInf.exe has been discovered within the following programs.

RebateInformer by Inbox.com, Inc.

RebateInformer (RebateGiant) is a web browser plugin for Internet Explorer that monitors the web pages the user is visiting and checks against an affiliate database for various rebates and coupons related to the context of the products being shown in the browser.

www.rebateinformer.com

86% remove it

Remove RebateInf.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.