» speedcleanerse.exe
Overview
Analysis
File Details
Behaviors (1)

speedcleanerse.exe

speedcleaner service 응용 프로그램

Akorea

The application speedcleanerse.exe by Akorea has been detected as adware by 26 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “speedcleaner Service”.

File name:

speedcleanerse.exe

Publisher:

Akorea (signed and verified)

Product:

speedcleaner service 응용 프로그램

Version:

1, 0, 0, 1

MD5:

e549edaf224406db65fa9c75f2ec5f7c

SHA-1:

669532a8e8916182b98f0fdc2670f82074f1a76c

SHA-256:

b097b9f42c22473c7a27465c1d5288aab467e5889f34cffe1fd3ee3f3aadf982

Scanner detections:

26 / 68

Status:

Adware

Analysis date:

4/19/2024 1:59:56 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.573652

442

Agnitum Outpost

PUA.Kraddare

7.1.1

Avira AntiVirus

Adware/Kraddare.IA.2

7.11.216.228

avast!

Win32:Adware-AZQ [Adw]

2014.9-151120

AVG

Generic5

2016.0.2920

Bitdefender

Application.Generic.573652

1.0.20.1620

Bkav FE

W32.HfsAdware

1.3.0.6379

Comodo Security

ApplicUnwnt

21392

ESET NOD32

Win32/Adware.Kraddare.EB (variant)

9.11313

Fortinet FortiGate

Riskware/Kraddare

11/20/2015

F-Secure

Application.Generic.573652

11.2015-20-11_6

G Data

Application.Generic.573652

15.11.25

IKARUS anti.virus

AdWare.Kraddare

t3scan.1.8.6.0

K7 AntiVirus

Adware

13.200.15253

Malwarebytes

Rogue.SpeedCleaner

v2015.11.20.04

McAfee

Artemis!E549EDAF2244

5600.6576

MicroWorld eScan

Application.Generic.573652

16.0.0.972

NANO AntiVirus

Riskware.Win32.Kraddare.czkkih

0.30.0.296

Norman

FakeAV.CSSA

11.20151120

Qihoo 360 Security

Win32/Virus.Adware.43e

1.0.0.1015

Reason Heuristics

PUP.Akorea (M)

15.11.20.4

Rising Antivirus

PE:Trojan.Win32.Generic.158D3938!361576760

23.00.65.151118

SUPERAntiSpyware

Trojan.Agent/Gen-FraudScan

9497

Trend Micro House Call

TROJ_GEN.R0CBC0EHK14

7.2.324

Trend Micro

TROJ_GEN.R0CBC0EHK14

10.465.20

VIPRE Antivirus

Trojan.Win32.Generic

38386

File size:

157.5 KB (161,296 bytes)

Product version:

1, 0, 0, 1

Original file name:

speedcleanerse.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\speedcleaner\speedcleanerse.exe

Digital Signature

Signed by:

Akorea

Authority:

Thawte, Inc.

Valid from:

5/5/2012 9:00:00 AM

Valid to:

7/5/2013 8:59:59 AM

Subject:

CN=Akorea, O=Akorea, L=Haeundae-gu, S=BUSAN, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

2FAE031CEAF57B56615A3998DEB1D1FD

File PE Metadata

Compilation timestamp:

5/30/2013 9:22:28 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

9.0

CTPH (ssdeep):

3072:Au+OXr5vLE+VVNVkxoBdt/DSMNKJ4b1FrpV55TdCl7:LpNDE+HNVSoBdtrSMN44b1F1V3Q7

Entry address:

0xE056

Entry point:

E8, 91, 89, 00, 00, E9, A4, FE, FF, FF, 6A, 0C, 68, C8, 34, 42, 00, E8, 48, 1F, 00, 00, 83, 65, E4, 00, 8B, 75, 08, 3B, 35, 20, 97, 42, 00, 77, 22, 6A, 04, E8, BD, 80, 00, 00, 59, 83, 65, FC, 00, 56, E8, D4, 91, 00, 00, 59, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 09, 00, 00, 00, 8B, 45, E4, E8, 54, 1F, 00, 00, C3, 6A, 04, E8, B8, 7F, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, FE, E0, 0F, 87, A1, 00, 00, 00, 53, 57, 8B, 3D, E8, E0, 41, 00, 83, 3D, 8C, 95, 42, 00, 00, 75, 18, E8, 96, 82, 00... 
[+]

Entropy:

6.5058

Code size:

114 KB (116,736 bytes)

Service

Display name:

speedcleaner Service

Service name:

speedcleanerService

Type:

Win32OwnProcess

Remove speedcleanerse.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.