home

registrof.exe

BR SOFTWARE LLC

The application registrof.exe by BR SOFTWARE has been detected as adware by 10 anti-malware scanners.
Publisher:
BR SOFTWARE LLC  (signed and verified)

MD5:
e06fb281f1c165fdbafe86264d0b6d4a

SHA-1:
f7ec5252f9364d3dd365b29e29245802a48de881

SHA-256:
d019d33a1a23e83dde8892288251f29d03cb5e1132eec06f09728f1a5af9cd10

Scanner detections:
10 / 68

Status:
Adware

Analysis date:
4/25/2024 6:09:12 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/PcMega.E.2
7.11.128.164

avast!
Win32:Downloader-RPH [Adw]
2014.9-140202

AVG
MalSign.Skodna
2015.0.3575

Comodo Security
UnclassifiedMalware
17718

ESET NOD32
Win32/Adware.PCMega (variant)
8.9371

herdProtect (fuzzy)
variant of registro1.exe (Adware)
2014.4.6.4

IKARUS anti.virus
AdWare.Win32.Downloader
t3scan.2.2.29

Reason Heuristics
PUP.BRSOFTWARE.J
14.3.29.10

SUPERAntiSpyware
Trojan.Agent/Gen-Downloader
10808

VIPRE Antivirus
Trojan.Win32.Generic
26064

File size:
424.8 KB (435,016 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\acelerador de downloads\registrof.exe

Digital Signature
Signed by:
BR SOFTWARE LLC

Authority:
GlobalSign nv-sa

Valid from:
10/7/2012 4:09:51 PM

Valid to:
6/9/2015 7:58:43 PM

Subject:
CN=BR SOFTWARE LLC, O=BR SOFTWARE LLC, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112102230C0982E220E5F9C53BBC68858B38

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:woOTWYBkf0aIVW6Xa53BIqKHTO80Ohbdk:JChkf01VXa5qqKz24m

Entry address:
0x5A1F8

Entry point:
55, 8B, EC, 83, C4, F0, B8, D8, 9F, 45, 00, E8, 44, BD, FA, FF, A1, 0C, C1, 45, 00, 8B, 00, E8, 8C, 6C, FF, FF, 8B, 0D, 04, C2, 45, 00, A1, 0C, C1, 45, 00, 8B, 00, 8B, 15, 8C, 9C, 45, 00, E8, 8C, 6C, FF, FF, A1, 0C, C1, 45, 00, 8B, 00, E8, 00, 6D, FF, FF, E8, 97, 9B, FA, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
357 KB (365,568 bytes)

Remove registrof.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.