home

safepcrepairsetup.safepcrepair_89.mlkmakbbeomlgkkjjebogagaphdgpkgc.ch.exe

SafePCRepair

Mindspark Interactive Network

The application safepcrepairsetup.safepcrepair_89.mlkmakbbeomlgkkjjebogagaphdgpkgc.ch.exe, “SafePCRepair Setup” has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Setup Factory installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from ak.dl.safepcrepair.com.
Publisher:
Mindspark Interactive Network

Product:
SafePCRepair

Description:
SafePCRepair Setup

Version:
1.1.0.22

MD5:
2a1b7cf44dbc0ad9bf63b67ef8c3d203

SHA-1:
6ae17d928427e0c30199f69e4ebef5cebc7f0ed8

SHA-256:
fc14d02d69f31b6d10908360fed1517a6a944425c5860bda6057151407d06f5c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/24/2024 3:53:52 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.5.10.14

File size:
5.5 MB (5,720,534 bytes)

Product version:
1.1.0.22

Copyright:
© 2014 Mindspark Interactive Network, Inc. An IAC Company. All rights reserved.

Trademarks:
® & ™ Mindspark Interactive Network, Inc. An IAC Company. All rights reserved.

Original file name:
suf_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\downloads\safepcrepairsetup.safepcrepair_89.mlkmakbbeomlgkkjjebogagaphdgpkgc.ch.exe

File PE Metadata
Compilation timestamp:
8/27/2013 9:10:44 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:qhIm0gDHMxJ9d6uxcn4x8x1UGomgkUinzEdjQ1DPcJ5G0pzUb5Ea8Wx1xozOxh8:2ImhCL6uGCgev1ktnbdPc3fp25Ea8SS/

Entry address:
0x15000

Entry point:
90, BB, D9, E8, 39, 00, 90, 90, 68, 1C, 50, 41, 00, 5A, 90, 90, BF, 98, 05, 00, 00, 31, 1C, 3A, 83, EF, 02, 83, EF, 02, 75, F5, 31, 95, 38, 00, D9, E8, 39, 00, D9, E8, 79, 00, 38, C1, 39, 00, E9, 7B, 6D, 00, 0F, 71, 6D, 00, D9, 58, 3B, 00, D8, E8, 39, 00, D5, 98, 79, 00, 9D, 70, 79, 00, 97, 70, 79, 00, 75, 6A, 39, 00, 9B, 70, 39, 00, 95, 70, 39, 00, D5, B4, 39, 00, 9B, 70, 39, 00, 95, 70, 39, 00, D9, E8, 39, 00, D9, E8, 39, 00, C5, 98, 79, 00, D9, E8, 39, 00, D9, E8, 39, 00, D9, E8, 39, 00, D9, E8, 39, 00...
 
[+]

Code size:
22 KB (22,528 bytes)

The file safepcrepairsetup.safepcrepair_89.mlkmakbbeomlgkkjjebogagaphdgpkgc.ch.exe has been seen being distributed by the following URL.

http://ak.dl.safepcrepair.com/images/nocache/vicinio/executable-packages/SafePCRepair/1425916752826/.../SafePCRepairSetup.SafePCRepair_89.mlkmakbbeomlgkkjjebogagaphdgpkgc.ch.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.