» Splash.exe
Overview
Analysis
File Details
Behaviors (1)

Splash.exe

Splash

ShieldApps

The application Splash.exe by ShieldApps has been detected as a potentially unwanted program by 6 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time.

File name:

Splash.exe

Publisher:

ShieldApps (signed and verified)

Product:

Splash

Version:

2.5.7.0

MD5:

02842348805bcc0b24d7182fc89ca402

SHA-1:

0b22e19a9b3de97c8e974f4ba6c33dcbc7f8ae3a

SHA-256:

8b3cd4b5fb22cedef84cd248249d5e9afe75cb415eaca44ae98627df7a23e93d

Scanner detections:

6 / 68

Status:

Potentially unwanted

Analysis date:

4/23/2024 5:58:52 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Malware-gen

2014.9-140923

Dr.Web

Program.Unwanted.64

9.0.1.0266

Kaspersky

Trojan-FakeAV.Win32.Agent

14.0.0.3206

Panda Antivirus

Trj/Chgt.G

14.09.23.04

Qihoo 360 Security

Win32/Trojan.5f3

1.0.0.1015

Reason Heuristics

PUP.Optional.Task.G

14.9.23.16

File size:

309 KB (316,376 bytes)

Product version:

2.5.7.0

Original file name:

Splash.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\speed optimizer pro\splash.exe

Digital Signature

Signed by:

ShieldApps

Authority:

COMODO CA Limited

Valid from:

4/20/2014 6:00:00 PM

Valid to:

4/20/2017 5:59:59 PM

Subject:

CN=ShieldApps, O=ShieldApps, STREET="5042 WILSHIRE BLVD #18607", L=Los Angeles, S=CA, PostalCode=90036, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00BF7B1D88A75BC0648B334EC9478005E3

File PE Metadata

Compilation timestamp:

8/1/2014 1:39:47 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

3072:+/+8JExRLrjArsEMUfpPstiGv8JExRLrjArsEMUa:8ELnAQvUfN3ELnAQvUa

Entry address:

0x2F39E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 70, 00... 
[+]

Entropy:

4.8269

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

181 KB (185,344 bytes)

Scheduled Task

Task name:

SpeedOptimizerPro_Popup

Trigger:

Daily (Runs daily at 3:15 PM)

Action:

splash.exe true

Description:

SplashPopup_SpeedOptimizerPro

Remove Splash.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.