Surftastic2014121015.exe

Surftastic

Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The file Surftastic2014121015.exe by Surftastic has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Surftastic  (signed and verified)

Version:
1.0.5457.13245

MD5:
265796b4651e86904926d28a2e3c3981

SHA-1:
c76bcbe5091339753136db736e27363aaaba6fbb

SHA-256:
d341e1d0ae4fa488b05a58ef2a54d8efcd4637cae222c875d30822428ed97933

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Belongs to the Sambreel/Yontoo program that inserts various forms of advertising in the user's web browser, installed with minimal or no user consent.

Analysis date:
4/24/2024 10:06:30 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Yontoo.Surftastic (M)

Engine version:
16.2.13.22

File size:
511.4 KB (523,688 bytes)

Product version:
1.0.5457.13245

Original file name:
Surftastic2014121015.exe

Common path:
C:\Program Files\surftastic\bin\tmp9c1d.tmp

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/7/2014 3:00:00 AM

Valid to:
5/8/2015 2:59:59 AM

Subject:
CN=Surftastic, O=Surftastic, STREET=10620 Treena Street Suite 230, L=San Diego, S=Ca, PostalCode=92131, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1E51B1BC1DA0D725290BE84DCF88D4EB

File PE Metadata
Compilation timestamp:
12/10/2014 6:21:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:27y0PdtPn1XineURfDA9+aTOdjT7BZDIu7Wi2NzdkK4JoY/3vyyvHJH+SB3pZ8mU:27ll7SnevIZB2NhN4znyd

Entry address:
0x7F9DE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
503 KB (515,072 bytes)
