smt_istartsurf.exe

1297_bxk1_webssearches

Li Mo

The application smt_istartsurf.exe by Li Mo has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
File Syn  (signed by Li Mo)

Product:
1297_bxk1_webssearches

Description:
FileWork

Version:
6.1.7602.748

MD5:
71b4044d0748f58602c80a6fc0ad24f6

SHA-1:
06c907dcc5e365ae6f1ec74c8469812237dec355

SHA-256:
91b9093910a91c16d5e19274a2aacce2dbbba479217ff62b77bc0b8d5c0ad350

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
5/9/2024 10:22:07 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ELEX (M)

Engine version:
17.3.6.7

File size:
650.4 KB (665,976 bytes)

Product version:
6.1.7602.748

Copyright:
SynWork

Original file name:
SynWork.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\smt_istartsurf.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
8/3/2014 9:00:00 PM

Valid to:
8/12/2015 9:00:00 AM

Subject:
CN=Li Mo, O=Li Mo, L=Guilin, S=Guangxi, C=CN

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0ACFC920404BD14F120697BDFEE3E5C9

File PE Metadata
Compilation timestamp:
8/15/2014 2:47:17 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x2EF3F

Entry point:
02, 44, 85, C7, 09, 4B, 8D, CE, 10, 52, 94, D5, 17, 59, 9B, DD, 1E, 60, A2, E4, 25, 67, A9, EB, 2C, 6E, B0, F2, 34, 75, B7, F9, 3B, 7C, BE, 00, 42, 84, C5, 07, 49, 8B, CC, 0E, 50, 92, D4, 15, 57, 99, DB, 1C, 5E, A0, E2, 23, 65, A7, E9, 2B, 6C, AE, F0, 32, 73, B5, F7, 39, 7B, BC, FE, 40, 82, C3, 05, 47, 89, CB, 0C, 4E, 90, D2, 13, 55, 97, D9, 1A, 5C, 9E, E0, 22, 63, A5, E7, 29, 6A, AC, EE, 30, 72, B3, F5, 37, 79, BA, FC, 3E, 80, C2, 03, 45, 87, C9, 0A, 4C, 8E, D0, 12, 53, 95, D7, 19, 5A, 9C, DE, 20, 61, A3...
 

Code size:
481.5 KB (493,056 bytes)
