» SmartTipAgent.exe
Overview
Analysis
File Details
Behaviors (1)

SmartTipAgent.exe

SmartTipAgent

Maroin Co., Ltd

The application SmartTipAgent.exe, “Agent Application Tools” by Maroin Co. has been detected as adware by 10 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler named STSTART triggered to execute each time a user logs in.

File name:

SmartTipAgent.exe

Publisher:

Maroin (signed by Maroin Co., Ltd)

Product:

SmartTipAgent

Description:

Agent Application Tools

Version:

2.0.0.22

MD5:

b51eac993ccdc7cfb36b036ca0679542

SHA-1:

2c15e72117fff9ee63c63c28a9ead3f55dd88794

SHA-256:

92361ec5bc63bdce3be605d472a49fa0678fb75c1fc7f7d385a98913483273cd

Scanner detections:

10 / 68

Status:

Adware

Analysis date:

4/24/2024 10:25:31 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Generic

2016.0.2945

Comodo Security

UnclassifiedMalware

21637

Dr.Web

Trojan.Click3.10466

9.0.1.0298

IKARUS anti.virus

Trojan.Agent

t3scan.1.8.9.0

McAfee

Artemis!B51EAC993CCD

5600.6601

Norman

Kraddare.CERT

11.20151025

Reason Heuristics

PUP.MaroinCo (M)

15.10.25.14

Trend Micro House Call

TROJ_GEN.R047C0OAM15

7.2.298

Trend Micro

TROJ_GEN.R047C0OAM15

10.465.25

VIPRE Antivirus

Trojan.Win32.Generic

39026

File size:

3.3 MB (3,463,712 bytes)

Product version:

2.0.0.22

Original file name:

SmartTipAgent.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\smarttip\smarttipagent.exe

Digital Signature

Signed by:

Maroin Co., Ltd

Authority:

Thawte, Inc.

Valid from:

12/18/2013 9:00:00 AM

Valid to:

2/17/2016 8:59:59 AM

Subject:

CN="Maroin Co., Ltd", O="Maroin Co., Ltd", L=Haeundae-gu, S=Busan, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

5DF1E27BEBF6F3BA4B33632B858EC872

File PE Metadata

Compilation timestamp:

12/17/2014 3:05:40 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

98304:e5o6V6zfohWNghk9nGpbOY6BRhpFLOAkGkzdnEVomFHKnPiS:JwoNPGf6BRhpFLOyomFHKnPZ

Entry address:

0x11D42E

Entry point:

E8, 97, B1, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, D2, 58, 00, E8, 4C, 1F, 00, 00, E8, 64, B3, 00, 00, 0F, B7, F0, 6A, 02, E8, 2A, B1, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 3E, 98, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Entropy:

6.7962

Code size:

1.3 MB (1,334,784 bytes)

Scheduled Task

Task name:

STSTART

Trigger:

Logon (Runs on logon)

Remove SmartTipAgent.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.