senselesstv.exe

SenselessTV Video Plugin

Agam Berry

The application senselesstv.exe by Agam Berry has been detected as adware by 11 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It displays context-specific advertisements in the browser and attempts to modify the browser's search provider. The file has been seen being downloaded from bfe517fbf0b3e5e34126-bd14266938826e12f4f5254a084f354a.r70.cf2.rackcdn.com.

Publisher:
SenselessTV.com (signed by Agam Berry)

Product:
SenselessTV Video Plugin

Version:
1.0

MD5:
26c50c85c593200997982dbbed0ec244

SHA-1:
a440167d7c9239dfc4aebba182f3d38b651ef1a9

SHA-256:
c369777776a23694a2bc62863d59e4b047b523d24e7c4993cc5b6097e2bcf638

Scanner detections:
11 / 68

Status:
Adware

Explanation:
The installer may include an offer for the Babylon Toolbar (a homepage/search hijacker), which is potentially installed with minimal user consent.

Analysis date:
4/25/2024 9:28:56 AM UTC

Scan engine | Detection | Engine version
Agnitum Outpost | PUA.Toolbar.Babylon | 7.1.1
AVG | Toolbar.Babylon | 2015.0.3389
Dr.Web | Adware.Toolbar.26 | 9.0.1.0219
ESET NOD32 | Win32/DownWare | 8.9559
Fortinet FortiGate | W32/DL.31B7AA51!tr | 8/7/2014
K7 AntiVirus | Trojan | 13.176.11482
McAfee | Artemis!26C50C85C593 | 5600.7045
Reason Heuristics | PUP.AgamBerry.L | 14.8.7.23
Sophos | Generic PUA KE | 4.98
Trend Micro | TROJ_DL.31B7AA51 | 10.465.07
Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.24.3

File size:
1.1 MB (1,127,928 bytes)

Copyright:
© SenselessTV

Trademarks:
SenselessTV.com

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\senselesstv.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
8/11/2012 4:08:20 PM

Valid to:
8/13/2014 5:01:23 PM

Subject:
E=admin@senseless.tv, CN=Agam Berry, L=Panchkula, S=Haryana, C=IN, Description=MdkS78g4D23HuXpp

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
06EE

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:P6cFPiyAZphhVO9p0ELpiH3IkQkJoRu1AdX2806wdTRZQJ14ZQI:TFPiBpzVOIEQXq451AE6SRSJeSI

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file senselesstv.exe has been seen distributed from the following URL:

http://bfe517fbf0b3e5e34126-bd14266938826e12f4f5254a084f354a.r70.cf2.rackcdn.com/SenselessTV.exe
