» t-add.exe
Overview
Analysis
File Details

t-add.exe

OCEAN INC Co.,Ltd.

The application t-add.exe by OCEAN INC Co.,Ltd has been detected as adware by 7 anti-malware scanners.

File name:

t-add.exe

Publisher:

OCEAN INC Co.,Ltd. (signed and verified)

Version:

2013.10.17.1

MD5:

0bbd5d17b90f2d234d43f61589d8f37c

SHA-1:

9e04568d5f00a8f8ca201eede77f3c7efbd28674

Scanner detections:

7 / 68

Status:

Adware

Analysis date:

4/26/2024 7:21:22 AM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:Downloader-UHH [PUP]

2014.9-150307

Bkav FE

W32.Clod06a.Trojan

1.3.0.4613

Malwarebytes

Trojan.Msidebar

v2015.03.07.10

nProtect

Adware/W32.KrAdword.668040

13.12.15.01

Reason Heuristics

PUP.DevineMedia

15.3.7.22

Trend Micro House Call

TROJ_GEN.F47V1112

7.2.66

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.24.3

File size:

652.4 KB (668,040 bytes)

Product version:

2013.10.17.1

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\easyclick\t-add.exe

Digital Signature

Signed by:

OCEAN INC Co.,Ltd.

Authority:

Thawte, Inc.

Valid from:

9/4/2013 9:00:00 AM

Valid to:

10/5/2014 8:59:59 AM

Subject:

CN="OCEAN INC Co.,Ltd.", OU=Dev Team, O="OCEAN INC Co.,Ltd.", L=Guro-gu, S=Seoul, C=KR

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

1594E13BEBF4FD90B0922EE4CE3369D8

File PE Metadata

Compilation timestamp:

10/18/2013 5:21:36 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:aI6cxi/ql+Pki/SWKEeQjtciBJ8xOfglFHicX9LsPXuM:P60enPki/7KEeutl6sfglBi49BM

Entry address:

0x8BAB0

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, A0, A6, 48, 00, E8, 8F, B2, F7, FF, 68, 2C, BB, 48, 00, 6A, FF, 6A, 00, E8, 4D, B4, F7, FF, 8B, D8, 85, DB, 74, 51, E8, 1A, B5, F7, FF, 85, C0, 75, 48, A1, C4, EA, 48, 00, 8B, 00, E8, A6, 21, FD, FF, A1, C4, EA, 48, 00, 8B, 00, B2, 01, E8, 70, 40, FD, FF, 8B, 0D, 20, ED, 48, 00, A1, C4, EA, 48, 00, 8B, 00, 8B, 15, 8C, 64, 48, 00, E8, 98, 21, FD, FF, A1, C4, EA, 48, 00, 8B, 00, E8, C4, 22, FD, FF, 85, DB, 74, 06, 53, E8, C6, B3, F7, FF, 5B, E8, 7C, 8E, F7, FF, 74, 69, 6D, 65... 
[+]

Entropy:

6.5968

Developed / compiled with:

Microsoft Visual C++

Code size:

554 KB (567,296 bytes)

Remove t-add.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.