Supreme Savings.exe

Supreme Savings

Innovative Apps

This file is part of a distribution package classified as adware distributed by 50onRed. The adware interacts with the installed web browsers to inject ads and modify the default search and home pages. The application Supreme Savings.exe (“Supreme Savings exe”) by Innovative Apps has been detected as adware by 10 anti-malware scanners. This web browser add-on displays additional advertisements in the user's browser, including pop-ups, banners, contextual hyperlinks, and affiliate links.
Publisher:
Innovative Apps  (signed and verified)

Product:
Supreme Savings

Description:
Supreme Savings exe

Version:
1.1.153.47

MD5:
c200af9a3d9d71735fc6a0f51e0c7136

SHA-1:
27127bec574fd8c0d7f5876ed64443fab2e23d31

SHA-256:
fe79a58dc147cb98f1db9df2616f582f53e57a42e2009ba00d334e74d91ddc26

Scanner detections:
10 / 68

Status:
Adware

Explanation:
Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:
4/24/2024 7:41:49 PM UTC

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/CrossRider.A.6473
7.11.156.20

avast!
Win32:Installer-M [Adw]
2014.9-140707

Bkav FE
W32.Clodefc.Trojan
1.3.0.4959

ESET NOD32
Win32/Toolbar.CrossRider (variant)
8.9978

herdProtect (fuzzy)
2014.7.7.9

K7 AntiVirus
Unwanted-Program
13.180.12484

Malwarebytes
PUP.Optional.SupremeSavings.A
v2014.07.07.09

Reason Heuristics
PUP.InnovativeApps.P
14.8.7.17

Sophos
AppRider
4.98

VIPRE Antivirus
GamePlayLabs
30504

File size:
1.4 MB (1,500,552 bytes)

Product version:
1.1.153.47

Copyright:
Copyright 2011

Original file name:
Supreme Savings.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\supreme savings\supreme savings.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
1/8/2013 7:00:00 PM

Valid to:
1/9/2014 6:59:59 PM

Subject:
CN=Innovative Apps, O=Innovative Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5419E32FDAD7A6E5666A35066C5EAAC5

File PE Metadata
Compilation timestamp:
4/3/2013 4:21:15 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:U7bZCjqas5Xic/e5RbYheGtptUsRgQ+PjxcEykQqHNuquXdMhT61c5Kg:ibZCjTeXic25RUh5tptUsRgQ+PNDBHhl

Entry address:
0xEF2AD

Entry point:
E8, B0, AB, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 38, AB, 56, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 3C, AB, 56, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 85, 0E, 00, 00, 85, C0, 75, 06, B8, A0, AC, 56, 00, C3, 83, C0, 08, C3, E8, 72, 0E, 00, 00, 85, C0, 75, 06, B8, A4, AC, 56, 00, C3, 83, C0, 0C, C3, 8B, FF, 55, 8B, EC, 56, E8, E2, FF, FF, FF, 8B, 4D, 08...
 

Entropy:
6.5818

Code size:
1.2 MB (1,249,280 bytes)
