updater19962.exe

Supreme Savings

Innovative Apps

This file is part of a distribution package classified as adware and distributed by 50onRed. The adware is used to interact with installed web browsers, inject ads, and modify the default search and home pages. The application updater19962.exe, "Supreme Savings exe" by Innovative Apps, has been detected as adware by 26 anti-malware scanners. This web browser add-on displays additional advertisements in the user's browser, including pop-ups, banners, contextual hyperlinks, and affiliate links.

Publisher:
Innovative Apps  (signed and verified)

Product:
Supreme Savings

Description:
Supreme Savings exe

Version:
1000.1000.1000.1000

MD5:
0ead8d38199e8fac86fcef97618c1f4c

SHA-1:
dd0c5172448eddb6f5fe8fe2a1cd800ec20dbbd4

SHA-256:
5ef737454aa392177ac6a67707f509e831e2302fa7393da704c04e74ba1572c7

Scanner detections:
26 / 68

Status:
Adware

Explanation:
Browser extension that injects additional advertisements (banner and text links) on web pages.

Analysis date:
4/19/2024 10:03:19 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Application.Heur.mq1@mq4WL6gi | 362 |
| Agnitum Outpost | PUA.Toolbar.CrossRider | 7.1.1 |
| AhnLab V3 Security | Win-PUP/CrossRider | 2015.02.16 |
| Avira AntiVirus | TR/Drop.Softomat.AN | 3.6.1.96 |
| avast! | Win32:Installer-M [Adw] | 2014.9-160208 |
| AVG | SmartShopper.G | 2017.0.2840 |
| Baidu Antivirus | Adware.Win32.CrossRider | 4.0.3.1628 |
| Bitdefender | Gen:Application.Heur.mq1@mq4WL6gi | 1.0.20.195 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Comodo Security | ApplicUnwnt | 16284 |
| Dr.Web | Adware.Plugin.88 | 9.0.1.039 |
| Emsisoft Anti-Malware | Riskware.Win32.Toolbar.CrossRider.AMN | 8.16.02.08.10 |
| ESET NOD32 | Win32/Toolbar.CrossRider.C potentially unwanted (variant) | 10.11179 |
| F-Prot | W32/A-3c0216a1 | v6.4.7.1.166 |
| F-Secure | Gen:Application.Heur.mq1@mq4WL6gi | 11.2016-08-02_2 |
| G Data | Gen:Application.Heur.mq1@mq4WL6gi | 16.2.25 |
| K7 AntiVirus | Unwanted-Program | 13.194.14969 |
| Malwarebytes | PUP.Optional.SupremeSavings.A | v2016.02.08.10 |
| McAfee | Artemis!2167E5618EF6 | 5600.6496 |
| MicroWorld eScan | Gen:Application.Heur.mq1@mq4WL6gi | 17.0.0.117 |
| NANO AntiVirus | Trojan.Win32.Plugin.cqzpgj | 0.30.0.65070 |
| Reason Heuristics | PUP.50OnRed.InnovativeApps (M) | 16.2.8.10 |
| Sophos | PUA 'AppRider' (of type Adware) | 5.12 |
| Trend Micro House Call | TROJ_GEN.R0C1H05KM14 | 7.2.39 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.20.2 |
| VIPRE Antivirus | GamePlayLabs | 37576 |

File size:
205.4 KB (210,312 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Supreme Savings.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\updater19962\updater19962.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
1/8/2013 6:00:00 PM

Valid to:
1/9/2014 5:59:59 PM

Subject:
CN=Innovative Apps, O=Innovative Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5419E32FDAD7A6E5666A35066C5EAAC5

File PE Metadata
Compilation timestamp:
1/15/2013 7:01:55 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:S/2e1jiykkaE5dKvKJZltWRkWTpJitu8xQAei7MxNEndGM/ER:/e9iykqZvlt4k8Jkn+Aei7MxvM2

Entry address:
0x15B31

Entry point:
E8, 95, 83, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 22, E2, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 20, 26, 43, 00, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18, 89, 5D, F8, 39, 5D, 24, 75, 0B, 8B, 45, 08, 8B, 00, 8B, 40, 04, 89, 45, 24, 8B, 35, 6C, 90, 42, 00...
 

Entropy:
6.4689

Code size:
158 KB (161,792 bytes)
