home

sba.exe

W

Speed-Bit LTD

The application sba.exe by Speed-Bit has been detected as a potentially unwanted program by 8 anti-malware scanners.
Publisher:
.  (signed by Speed-Bit LTD)

Product:
W

Description:
agent

Version:
2, 1, 0, 65

MD5:
d4621eaeea9df15751aae9337b150c27

SHA-1:
5f455b758058850aeec6d47e1ced58c312acce9d

SHA-256:
4984a48c64effa7c6d1f4db11e4abbe044002b28da5b537263a3aa47c8292620

Scanner detections:
8 / 68

Status:
Potentially unwanted

Explanation:
May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage).

Analysis date:
4/29/2024 2:43:26 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Skodna
2015.0.3354

Baidu Antivirus
Adware.Win32.CrossRider
4.0.3.14911

Dr.Web
Adware.Searcher.2656
9.0.1.05190

IKARUS anti.virus
PUA.OptionalInst.Goobzo
t3scan.1.6.1.0

McAfee
Artemis!6B04E049355F
5600.7010

Reason Heuristics
Threat.Win.Reputation.IMP
14.9.11.13

Trend Micro House Call
Suspicious_GEN.F47V0627
7.2.254

VIPRE Antivirus
Goobzo
31164

File size:
123.6 KB (126,584 bytes)

Product version:
2, 1, 0, 65

Copyright:
Copyright (C) 2012

Original file name:
sba.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\common files\speedbit\sbupdate\sba.exe

Digital Signature
Signed by:
Speed-Bit LTD

Authority:
Thawte, Inc.

Valid from:
7/25/2012 8:00:00 PM

Valid to:
9/3/2014 7:59:59 PM

Subject:
CN=Speed-Bit LTD, OU=SECURE APPLICATION DEVELOPMENT, O=Speed-Bit LTD, L=Haifa, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
699AEB21842CD56CA7A7FC71BB394361

File PE Metadata
Compilation timestamp:
4/15/2014 4:23:51 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
3072:nKWA/6zh+gyaUAsmm9jetJ9h9yMRMHl+TaBLbT6uuGOKrv:nnyVADmhepHr6yuuGOK7

Entry address:
0xD074

Entry point:
48, 83, EC, 28, E8, 27, 03, 00, 00, 48, 83, C4, 28, E9, 86, FD, FF, FF, CC, CC, 48, 89, 4C, 24, 08, 48, 81, EC, 88, 00, 00, 00, 48, 8D, 0D, 65, F6, 00, 00, FF, 15, 57, 50, 00, 00, 4C, 8B, 1D, 50, F7, 00, 00, 4C, 89, 5C, 24, 58, 45, 33, C0, 48, 8D, 54, 24, 60, 48, 8B, 4C, 24, 58, E8, B5, 05, 00, 00, 48, 89, 44, 24, 50, 48, 83, 7C, 24, 50, 00, 74, 41, 48, C7, 44, 24, 38, 00, 00, 00, 00, 48, 8D, 44, 24, 48, 48, 89, 44, 24, 30, 48, 8D, 44, 24, 40, 48, 89, 44, 24, 28, 48, 8D, 05, 10, F6, 00, 00, 48, 89, 44, 24...
 
[+]

Entropy:
5.8578

Code size:
64.5 KB (66,048 bytes)

Remove sba.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.