» updateadanak.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

updateadanak.exe

Adanak

Part of the Yontoo web browser plugin (delivers advertisements to the web browser in the form of injected banners, text-links, popups, etc.) the updater mechanism for Adanak will automatically keep the extension patched by downloaded new functionality which is auto-enabled by default. The application updateadanak.exe by Adanak has been detected as adware by 6 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Update Adanak”. This file is typically installed with the program Adanak by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.

File name:

updateadanak.exe

Publisher:

Adanak (signed and verified)

Version:

1.0.5314.40956

MD5:

48e6b9fb2423561ed1c4692975f1d617

SHA-1:

8f33ba1c3bdfa844c733cde0bc1daa18e358f444

SHA-256:

facaef54bb15c39d869204ebe8c8bfb266ba18d70db148f2bc029065e0c87aa7

Scanner detections:

6 / 68

Status:

Adware

Explanation:

Part of the Yontoo adware web browser extension update process.

Analysis date:

4/25/2024 5:53:07 PM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

Adware.Win32.BrowseFox

4.0.3.14721

ESET NOD32

Win32/BrowseFox.H potentially unwanted application

7.0.302.0

IKARUS anti.virus

PUA.BrowseFox

t3scan.1.6.1.0

Malwarebytes

PUP.Optional.Adanak.A

v2014.07.21.07

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Reason Heuristics

Adware.Yontoo.Adanak.M

14.7.21.6

File size:

314.3 KB (321,816 bytes)

Product version:

1.0.5314.40956

Original file name:

Adanak.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\adanak\updateadanak.exe

Digital Signature

Signed by:

Adanak

Authority:

VeriSign, Inc.

Valid from:

4/22/2014 5:00:00 AM

Valid to:

4/23/2015 4:59:59 AM

Subject:

CN=Adanak, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Adanak, L=Santa Monica, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

54EAA4FDDD0AEB1183ED278A995C36F7

File PE Metadata

Compilation timestamp:

7/21/2014 4:45:26 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

6144:zIjBn8/OwTn8/1kBDEkhV9fohtMs7J78YYmVpb24gbd:zIjBiOO8/gexdHs4gh

Entry address:

0x4E57E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

305.5 KB (312,832 bytes)

Service

Display name:

Update Adanak

Type:

Win32OwnProcess

The file updateadanak.exe has been discovered within the following programs.

Adanak by Yontoo Technology, Inc.

Adanak is an advertising supported (adware) extension that runs in the context of the user's web browser as well as a process in the background.

adanak.net/support

83% remove it

Remove updateadanak.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.