home

speedfixtool-setup.exe

Speed Fix Tool

Fixbliss

The application speedfixtool-setup.exe, “This installer database contains the logic and data required to install Speed Fix Tool.” by Fixbliss has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from RevenueWire's SafeCart distribution platform adformula.speedfixtool.safecart.com and multiple other hosts.
Publisher:
Fixbliss  (signed and verified)

Product:
Speed Fix Tool

Description:
This installer database contains the logic and data required to install Speed Fix Tool.

Version:
2.5.4

MD5:
cf2addbce7e7afda43186723322d5d42

SHA-1:
500fe7ce4d63a659f4ffff4d5e220b52330cb351

SHA-256:
eaaa73f7e660497a10a1c05ca44eaea2270637b5cb9415664b7ae05b5de7f502

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/20/2024 3:14:02 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.FixBliss.Optional.Installer.Meta (L)
15.8.26.16

File size:
6.1 MB (6,397,328 bytes)

Product version:
2.5.4

Copyright:
Copyright (C) 2014 FixBliss

Original file name:
SpeedFixToolSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\speedfixtool-setup.exe

Digital Signature
Signed by:
Fixbliss

Authority:
COMODO CA Limited

Valid from:
11/25/2013 7:00:00 PM

Valid to:
11/26/2014 6:59:59 PM

Subject:
CN=Fixbliss, O=Fixbliss, STREET="K. Donelaičio g. 62, Kauno m", L=Kupiskis, S=Kupiskis, PostalCode=40113, C=LT

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0081D31A0F55D47E5F29A0AD98D6DC5D0F

File PE Metadata
Compilation timestamp:
2/9/2014 5:29:26 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
98304:cwcB2+iNJyfN5XK7esrPGbE+Fh8Vks9HUwxAU9ISS50gRmFpH1/tRkVorC6enrMj:31C5XiruZ8DjxJIz0umFpV/7wCCXrMj

Entry address:
0xB888A

Entry point:
E8, D9, C9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 7F, FB, FF, FF, 83, C4, 14, 5D, C3, E8, 26, 0C, 00, 00, 8B, 48, 6C, 3B, 0D, B8, A0, 52, 00, 74, 10, 8B, 0D, D0, 9F, 52, 00, 85, 48, 70, 75, 05, E8, 12, 17, 00, 00, A1, B8, 93, 52, 00, C3, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74, 32, F7...
 
[+]

Entropy:
7.7949  (probably packed)

Code size:
948 KB (970,752 bytes)

The file speedfixtool-setup.exe has been seen being distributed by the following 17 URLs.

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_120_3398940

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_120_3398940

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_106_3640063

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_106_3640063

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_106_3209831

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_106_3209831

http://speedfixtool.com/.../download.php

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_120_3472554

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_120_3472554

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_106_3138141

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_106_3138141

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_106_3192466

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_106_3192466

http://adformula.speedfixtool.safecart.com/.../download?omx9mxwm_120_3394296

http://adformula.speedfixtool.revenuewire.net/.../download?omx9mxwm_120_3394296

http://speedfixtool.com/.../SpeedFixTool-Setup.exe

http://securejump.net/base2.php?id=2

Remove speedfixtool-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.