home

scorpion1_2211-fbbc854f.exe

Adpeak, Inc.

This is the instaler for an an Adpeak program that shows ads in the browser without providing information about the ad's origin. Ads are injected as banners or text-links in random web pages. The application scorpion1_2211-fbbc854f.exe by Adpeak has been detected as adware by 20 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from the user's temporary directory.
Publisher:
Adpeak, Inc.  (signed and verified)

MD5:
f2d494b7eda3c9b448fc806e1fb2fb00

SHA-1:
489953699dc499f5ac3cf40dc5461a2dcb7c2178

SHA-256:
f0dea91d266cc55ca2dfb291817b2a6c88303debf3e41904951448dc2070bbcc

Scanner detections:
20 / 68

Status:
Adware

Explanation:
Injects advertisements in the web browser in the form or banner ads and popups.

Analysis date:
4/25/2024 6:27:59 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Graftor.136349
965

Agnitum Outpost
PUA.Adpeak
7.1.1

AVG
MalSign.Adpeak
2015.0.3443

Bitdefender
Gen:Variant.Adware.Graftor.136349
1.0.20.825

Comodo Security
ApplicUnwnt
18180

Dr.Web
Adware.Downware.1720
9.0.1.0165

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.136349
8.14.06.14.09

ESET NOD32
Win32/AdWare.Adpeak (variant)
8.9731

F-Secure
Gen:Variant.Adware.Graftor.136349
11.2014-14-06_7

G Data
Gen:Variant.Adware.Graftor.136349
14.6.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.1.6.1.0

K7 AntiVirus
Unwanted-Program
13.176.11907

Malwarebytes
PUP.Optional.Adpeak
v2014.06.14.09

McAfee
Artemis!F2D494B7EDA3
5600.7099

MicroWorld eScan
Gen:Variant.Adware.Graftor.136349
15.0.0.495

NANO AntiVirus
Trojan.Win32.Adpeak.ctyrbn
0.28.0.59492

Panda Antivirus
Trj/CI.A
14.06.14.09

Reason Heuristics
PUP.Adpeak.X
14.8.7.17

Sophos
AdPeak
4.98

VIPRE Antivirus
Adware.Adpeak
28650

File size:
541 KB (553,968 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\scorpion1_2211-fbbc854f.exe

Digital Signature
Signed by:
Adpeak, Inc.

Authority:
DigiCert Inc

Valid from:
7/17/2013 7:00:00 PM

Valid to:
9/24/2014 7:00:00 AM

Subject:
CN="Adpeak, Inc.", O="Adpeak, Inc.", L=Sarasota, S=Florida, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0E4C86026B3F1F3BDBEDF4DA58E8FF09

File PE Metadata
Compilation timestamp:
7/14/2013 3:09:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:xiMO5C0cKDpdh4RphM6H/jpiQa/dFWmTzjFuV+u2nETUo89vHRnR+/e:DO5ncKDqR06Gl9TzjFEMvZR+/e

Entry address:
0x31DD

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 08, A3, 58, 4F, 43, 00, E8, 95, 2E, 00, 00, A3, A4, 4E, 43, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, B8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, A0, 3E, 43, 00, E8, 00, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, EE, 2A, 00, 00...
 
[+]

Entropy:
7.9724

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

Remove scorpion1_2211-fbbc854f.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.