» updater.exe
Overview
Analysis
File Details
Programs (1)

updater.exe

The application updater.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. This file is typically installed with the program BrowseMark by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.

File name:

updater.exe

Version:

1.0.0.2

MD5:

c779115f8314f1d2aba0e37efd64ea3c

SHA-1:

541a1d0fa7ced0eefcf06e19a1f069427f145a0c

SHA-256:

7565c6a78c1c1fbc008f843e3c3f55129634d262ad3f416f423c77ba8adbe46c

Scanner detections:

21 / 68

Status:

Potentially unwanted

Explanation:

Injects advertising in the web browser in various formats.

Analysis date:

4/27/2024 2:22:07 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11395861

865

Agnitum Outpost

Riskware.Agent

7.1.1

Baidu Antivirus

Adware.Win32.BrowseFox

4.0.3.14922

Bitdefender

Trojan.Generic.11395861

1.0.20.1325

Dr.Web

Trojan.BPlug.90

9.0.1.0265

Emsisoft Anti-Malware

Trojan.Generic.11395861

8.14.09.22.02

ESET NOD32

Win32/BrowseFox

8.10337

Fortinet FortiGate

Riskware/BrowseFox

9/22/2014

F-Secure

Trojan.Generic.11395861

11.2014-22-09_2

G Data

Trojan.Generic.11395861

14.9.24

IKARUS anti.virus

PUA.BrowseFox

t3scan.1.7.5.0

K7 AntiVirus

Trojan

13.183.13198

McAfee

Artemis!B79C1B46C1C8

5600.6999

MicroWorld eScan

Trojan.Generic.11395861

15.0.0.795

NANO AntiVirus

Trojan.Win32.BPlug.dbonrn

0.28.2.61861

nProtect

Trojan.Generic.11395861

14.08.29.01

Panda Antivirus

Trj/CI.A

14.09.22.02

Reason Heuristics

Threat.Win.Reputation.IMP

14.9.22.14

Rising Antivirus

PE:Trojan.Win32.Generic.170C5DF9!386686457

23.00.65.14920

Sophos

Generic PUA MG

4.98

Trend Micro House Call

TROJ_GEN.F47V0409

7.2.103

File size:

108 KB (110,592 bytes)

Product version:

1.0.0.2

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\browsemark\updater.exe

File PE Metadata

Compilation timestamp:

4/2/2014 4:28:01 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:IvdoST5wFJkuNQbJwT66bb2nenybR0jHcBesWjcdctIpTJWx:2z6Ye8R0jKBctIpTJWx

Entry address:

0x8609

Entry point:

E8, 09, 4C, 00, 00, E9, 7F, FE, FF, FF, 6A, 08, 68, D0, 79, 41, 00, E8, 91, 00, 00, 00, FF, 35, FC, A6, 41, 00, FF, 15, 6C, 21, 41, 00, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 01, 00, 00, 00, CC, 6A, 08, 68, B0, 79, 41, 00, E8, 59, 00, 00, 00, E8, 0E, 32, 00, 00, 8B, 40, 78, 85, C0, 74, 16, 83, 65, FC, 00, FF, D0, EB, 07, 33, C0, 40, C3, 8B, 65, E8, C7, 45, FC, FE, FF, FF, FF, E8, 1B, 4D, 00, 00, CC, E8, E6, 31, 00, 00, 8B, 40, 7C, 85, C0... 
[+]

Code size:

64.5 KB (66,048 bytes)

The file updater.exe has been discovered within the following program.

BrowseMark by Yontoo Technology, Inc.

The BrowseMark toolbar/web browser extension is ad/search-supported that is typically installed as an optional offer, users generally have this bundled with 3rd party software.

browsemark.net/support

88% remove it

Remove updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.