sysad.exe

The application sysad.exe has been detected as a potentially unwanted program by 23 anti-malware scanners. This file is typically installed with the program Rockettab by Rich River Media, LLC which is a potentially unwanted software program. According to AVG, this software downloads additional adware offers during setup.
MD5:
2d4b9d1cc2bcaf11528ebbb38d969050

SHA-1:
81642d5736a15229a787da7e806e2f0e47b14068

SHA-256:
aa0c1e93eb0ed0c51a28e68a11d63055251e1f358717e13102d9d9c3d1d456fe

Scanner detections:
23 / 68

Status:
Potentially unwanted

Analysis date:
3/1/2026 2:06:23 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Graftor.170753
751

AhnLab V3 Security
2015.01.15

Avira AntiVirus
Adware/iBryte.251392.2
7.11.201.28

avast!
Win32:Malware-gen
2014.9-150114

AVG
Downloader
2016.0.3229

Baidu Antivirus
Adware.MSIL.iBryte
4.0.3.15114

Bitdefender
Gen:Variant.Adware.Graftor.170753
1.0.20.70

Comodo Security
ApplicUnwnt
20706

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.170753
8.15.01.14.12

ESET NOD32
MSIL/Adware.iBryte (variant)
9.11012

Fortinet FortiGate
Adware/IBryte
1/14/2015

F-Secure
Gen:Variant.Adware.Graftor.170753
11.2015-14-01_4

G Data
Gen:Variant.Adware.Graftor.170753
15.1.24

K7 AntiVirus
Adware
13.191.14638

Kaspersky
not-a-virus:AdWare.MSIL.iBryte
14.0.0.2642

McAfee
Artemis!2D4B9D1CC2BC
5600.6885

MicroWorld eScan
Gen:Variant.Adware.Graftor.170753
16.0.0.42

NANO AntiVirus
Riskware.Win32.IBryte.dmgumw
0.30.0.64448

Panda Antivirus
Trj/Genetic.gen
15.01.14.12

Reason Heuristics
Threat.Win.Reputation.IMP
15.1.23.9

Sophos
Generic PUA IB
4.98

Trend Micro House Call
Suspicious_GEN.F47V0109
7.2.14

VIPRE Antivirus
Win32.Malware!Drop
36648

File size:
245.5 KB (251,392 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\sysad.exe

File PE Metadata
Compilation timestamp:
1/9/2015 9:22:53 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:ESGhkcB6CwzaqZsoHM50Vq0OwIgEJ8+m1ZVRjgDnpkyGfi+0DWFs9xyqw6wLnlIu:ESGEvf5FQnm1ZVNgDnpwaD6Fsjgii

Entry address:
0x2413

Entry point:
E8, 27, 20, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 2D, FF, 75, 08, 6A, 00, FF, 35, 4C, E8, 43, 00, FF, 15, 60, 60, 41, 00, 85, C0, 75, 18, 56, E8, D9, 20, 00, 00, 8B, F0, FF, 15, 5C, 60, 41, 00, 50, E8, 89, 20, 00, 00, 59, 89, 06, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, A8, DD, 43, 00, 89, 0D, A4, DD, 43, 00, 89, 15, A0, DD, 43, 00, 89, 1D, 9C, DD, 43, 00, 89, 35, 98, DD, 43, 00, 89, 3D, 94, DD, 43, 00, 66, 8C, 15, C0, DD, 43, 00, 66, 8C, 0D, B4, DD, 43, 00...
 
[+]

Code size:
82.5 KB (84,480 bytes)

The file sysad.exe has been discovered within the following program.

Rockettab  by Rich River Media, LLC
RocketTab is an adware program that injects advertising in the user's web browser by creating a local proxy server and routing all Internet traffic through that proxy. By re-routing traffic the service will be able to include various ads in the HTML of the displaying web page.
rockettab.com
88% remove it
 
Powered by Should I Remove It?

Remove sysad.exe - Powered by Reason Core Security