» sysad.exe
Overview
Analysis
File Details
Programs (1)

sysad.exe

The application sysad.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. This file is typically installed with the program Rockettab by Rich River Media, LLC which is a potentially unwanted software program. According to AVG, this software downloads additional adware offers during setup.

File name:

sysad.exe

MD5:

2d4b9d1cc2bcaf11528ebbb38d969050

SHA-1:

81642d5736a15229a787da7e806e2f0e47b14068

SHA-256:

aa0c1e93eb0ed0c51a28e68a11d63055251e1f358717e13102d9d9c3d1d456fe

Scanner detections:

23 / 68

Status:

Potentially unwanted

Analysis date:

3/1/2026 2:06:23 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Graftor.170753

751

AhnLab V3 Security

PUP/Win32.IBryte

2015.01.15

Avira AntiVirus

Adware/iBryte.251392.2

7.11.201.28

avast!

Win32:Malware-gen

2014.9-150114

AVG

Downloader

2016.0.3229

Baidu Antivirus

Adware.MSIL.iBryte

4.0.3.15114

Bitdefender

Gen:Variant.Adware.Graftor.170753

1.0.20.70

Comodo Security

ApplicUnwnt

20706

Emsisoft Anti-Malware

Gen:Variant.Adware.Graftor.170753

8.15.01.14.12

ESET NOD32

MSIL/Adware.iBryte (variant)

9.11012

Fortinet FortiGate

Adware/IBryte

1/14/2015

F-Secure

Gen:Variant.Adware.Graftor.170753

11.2015-14-01_4

G Data

Gen:Variant.Adware.Graftor.170753

15.1.24

K7 AntiVirus

Adware

13.191.14638

Kaspersky

not-a-virus:AdWare.MSIL.iBryte

14.0.0.2642

McAfee

Artemis!2D4B9D1CC2BC

5600.6885

MicroWorld eScan

Gen:Variant.Adware.Graftor.170753

16.0.0.42

NANO AntiVirus

Riskware.Win32.IBryte.dmgumw

0.30.0.64448

Panda Antivirus

Trj/Genetic.gen

15.01.14.12

Reason Heuristics

Threat.Win.Reputation.IMP

15.1.23.9

Sophos

Generic PUA IB

4.98

Trend Micro House Call

Suspicious_GEN.F47V0109

7.2.14

VIPRE Antivirus

Win32.Malware!Drop

36648

File size:

245.5 KB (251,392 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\sysad.exe

File PE Metadata

Compilation timestamp:

1/9/2015 9:22:53 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

3072:ESGhkcB6CwzaqZsoHM50Vq0OwIgEJ8+m1ZVRjgDnpkyGfi+0DWFs9xyqw6wLnlIu:ESGEvf5FQnm1ZVNgDnpwaD6Fsjgii

Entry address:

0x2413

Entry point:

E8, 27, 20, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 4C, E8, 43, 00, FF, 15, 60, 60, 41, 00, 85, C0, 75, 18, 56, E8, D9, 20, 00, 00, 8B, F0, FF, 15, 5C, 60, 41, 00, 50, E8, 89, 20, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, A8, DD, 43, 00, 89, 0D, A4, DD, 43, 00, 89, 15, A0, DD, 43, 00, 89, 1D, 9C, DD, 43, 00, 89, 35, 98, DD, 43, 00, 89, 3D, 94, DD, 43, 00, 66, 8C, 15, C0, DD, 43, 00, 66, 8C, 0D, B4, DD, 43, 00... 
[+]

Code size:

82.5 KB (84,480 bytes)

The file sysad.exe has been discovered within the following program.

Rockettab by Rich River Media, LLC

RocketTab is an adware program that injects advertising in the user's web browser by creating a local proxy server and routing all Internet traffic through that proxy. By re-routing traffic the service will be able to include various ads in the HTML of the displaying web page.

rockettab.com

88% remove it

Remove sysad.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.