» SSIagent.EXE
Overview
Analysis
File Details

SSIagent.EXE

SSIagent 응용 프로그램

Korea Contents Network

The application SSIagent.EXE, “SSIagent MFC 응용 프로그램” by Korea Contents Network has been detected as adware by 26 anti-malware scanners.

File name:

SSIagent.EXE

Publisher:

Korea Contents Network (signed and verified)

Product:

SSIagent 응용 프로그램

Description:

SSIagent MFC 응용 프로그램

Version:

1, 0, 0, 1

MD5:

75bc16870ee222dfc10bb63aa06a8bba

SHA-1:

2e1527aa5899f7017960adff736c49d3ca826c7f

Scanner detections:

26 / 68

Status:

Adware

Analysis date:

4/26/2024 5:36:25 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.578949

699

Agnitum Outpost

Adware.CloverPlus

7.1.1

AhnLab V3 Security

PUP/Win32.ShortCut

15.03.07

Avira AntiVirus

TR/Symmi.31332.10

7.11.151.204

AVG

Generic5

2016.0.3177

Bitdefender

Application.Generic.578949

1.0.20.330

Bkav FE

W32.Clod342.Trojan

1.3.0.4959

Comodo Security

ApplicUnwnt

18347

Dr.Web

Trojan.DownLoader10.49338

9.0.1.066

ESET NOD32

Win32/Adware.CloverPlus.AB (variant)

9.9857

Fortinet FortiGate

Adware/CloverPlus

3/7/2015

G Data

Application.Generic.578949

15.3.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.6.1.0

K7 AntiVirus

Adware

13.178.12212

Malwarebytes

Adware.KorAd

v2015.03.07.10

McAfee

Artemis!75BC16870EE2

5600.6833

MicroWorld eScan

Application.Generic.578949

16.0.0.198

NANO AntiVirus

Trojan.Win32.DownLoader10.cqjotc

0.28.0.59921

Panda Antivirus

Trj/CI.A

15.03.07.10

Reason Heuristics

PUP.KoreaContentsNetwork

15.3.7.22

Trend Micro House Call

ADW_CLOVERPLUS

7.2.66

Trend Micro

ADW_CLOVERPLUS

10.465.07

Vba32 AntiVirus

AdWare.CloverPlus

3.12.26.0

VIPRE Antivirus

CloverPlus

29680

ViRobot

Adware.Agent.121448.A

2011.4.7.4223

Zillya! Antivirus

Adware.CloverPlus.Win32.194

2.0.0.1803

File size:

118.6 KB (121,448 bytes)

Product version:

1, 0, 0, 1

Original file name:

SSIagent.EXE

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\Application data\ssi\ssiagent.exe

Digital Signature

Signed by:

Korea Contents Network

Authority:

Thawte, Inc.

Valid from:

1/14/2013 9:00:00 AM

Valid to:

4/16/2014 8:59:59 AM

Subject:

CN=Korea Contents Network, OU=IT Team, O=Korea Contents Network, L=Seocho-gu, S=SEOUL, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

21EE4A0E6A9CF5DFE2A088CE59AC500C

File PE Metadata

Compilation timestamp:

11/18/2013 11:45:58 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

1536:Jf6DbcNUxpcuP3qhcrY9SXRqZXyBRjbZcaBedLGxa0U27QUG1Av2:JysVu459yQXyzbzeM9U27QUv2

Entry address:

0x12DDF

Entry point:

55, 8B, EC, 6A, FF, 68, F8, 5A, 41, 00, 68, 6C, 2F, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, FF, 15, 50, 54, 41, 00, 59, 83, 0D, 50, AC, 41, 00, FF, 83, 0D, 54, AC, 41, 00, FF, FF, 15, 54, 54, 41, 00, 8B, 0D, 44, AC, 41, 00, 89, 08, FF, 15, 58, 54, 41, 00, 8B, 0D, 40, AC, 41, 00, 89, 08, A1, 5C, 54, 41, 00, 8B, 00, A3, 4C, AC, 41, 00, E8, 1D, 01, 00, 00, 39, 1D, 60, A7, 41, 00, 75, 0C, 68, 68, 2F, 41, 00, FF, 15, 60, 54... 
[+]

Entropy:

6.2631

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

80 KB (81,920 bytes)

Remove SSIagent.EXE - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.