storegid.exe

storegid

TRIORIS LLC

The application storegid.exe by TRIORIS has been detected as a potentially unwanted program by 24 anti-malware scanners. It is configured to start automatically when a user logs in to Windows, through an entry named ‘storegid’ under the current user's Run registry key.

Publisher:
ШоппингГид  (signed by TRIORIS LLC)

Product:
storegid

Description:
ШоппингГид

Version:
1.0.0.4

MD5:
16901441a83b6c3952a9af3e74537fc2

SHA-1:
8bdfae37cffebc6e87ba09897a80269d2ea3be60

SHA-256:
0a6642ed51b72b0c1e7015968671e961fc51a79aba38154179d1bdbb22060ac0

Scanner detections:
24 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 12:51:17 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Strictor.62885 | 775
Agnitum Outpost | PUA.Agent | 7.1.1
AVG | Generic5 | 2015.0.3253
Baidu Antivirus | Adware.Win32.Agent | 4.0.3.141221
Bitdefender | Gen:Variant.Strictor.62885 | 1.0.20.1775
Comodo Security | ApplicUnwnt | 19641
Dr.Web | Trojan.Triosir.8 | 9.0.1.0355
Emsisoft Anti-Malware | Gen:Variant.Strictor.62885 | 8.14.12.21.12
ESET NOD32 | Win32/AdWare.Agent.NFF (variant) | 8.10546
Fortinet FortiGate | Riskware/Agent | 12/21/2014
F-Secure | Gen:Variant.Strictor.62885 | 11.2014-21-12_1
G Data | Gen:Variant.Strictor.62885 | 14.12.24
IKARUS anti.virus | PUA.Agent | t3scan.1.7.8.0
K7 AntiVirus | Adware | 13.183.13642
McAfee | Artemis!16901441A83B | 5600.6909
MicroWorld eScan | Gen:Variant.Strictor.62885 | 15.0.0.1065
Qihoo 360 Security | Win32/Trojan.562 | 1.0.0.1015
Reason Heuristics | PUP.Optional.Startup.I | 14.12.21.12
Rising Antivirus | PE:Trojan.Win32.Generic.1742233C!390210364 | 23.00.65.141219
Sophos | Generic PUA EK | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Small | 10164
Trend Micro House Call | Suspicious_GEN.F47V0914 | 7.2.355
VIPRE Antivirus | Trojan.Win32.Generic | 33826
Zillya! Antivirus | Backdoor.PePatch.Win32.45614 | 2.0.0.1952

File size:
267.2 KB (273,568 bytes)

Product version:
1.0.0.4

Copyright:
Copyright (C) 2014

Original file name:
storegid.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\storegid\storegid.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/27/2013 4:00:00 AM

Valid to:
3/27/2016 3:59:59 AM

Subject:
CN=TRIORIS LLC, O=TRIORIS LLC, STREET="Griboedova str., 34, 5", L=Novosibirsk, S=Novosibirsk region, PostalCode=630000, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DDE431469F44EE01CD42B3680AB9990D

File PE Metadata
Compilation timestamp:
9/19/2014 10:47:28 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:OsRIAinhrX6upaCr6te2cJKL7jEFX5D9Qhog7Di+F:OYCBF2xNoHDu+yi+F

Entry address:
0xF525

Entry point:
E8, A4, 75, 00, 00, E9, 7F, FE, FF, FF, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 1C, DD, 42, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 80, C1, 42, 00, 01, 0F, 82, E2, 76, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06...
 

Code size:
129 KB (132,096 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
storegid

Command:
C:\users\{user}\appdata\local\storegid\storegid.exe

