» utils.exe
Overview
Analysis
File Details
Programs (1)

utils.exe

The application utils.exe has been detected as adware by 4 anti-malware scanners. The program is a setup application that uses the Nullsoft Install System installer, however the file is not signed with an authenticode signature from a trusted source. This file is typically installed with the program Object Browser which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

utils.exe

MD5:

80877f35e5936243031d37ea855734e9

SHA-1:

145372014d040dd9c7f4c4c8245ef6510bd2dc54

SHA-256:

bed23f0aacdde33dac83e030b4130cc31749b470c9242fd6ec26c2f95ba9374c

Scanner detections:

4 / 68

Status:

Adware

Explanation:

This is part of the Crossrider Internet browser extension framework which may modify the user's web browser settings including changing the home and search pages.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:

4/19/2024 8:51:10 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Dr.Web

Trojan.Damaged.1

9.0.1.05190

Reason Heuristics

PUP.Crossrider.F

14.7.28.10

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10456

File size:

2.1 MB (2,157,177 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Install System

Common path:

C:\Program Files\object browser\utils.exe

File PE Metadata

Compilation timestamp:

12/4/2012 7:55:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

49152:4A/LbMGRLs4fd/kcLgbUSFsHHEVF2zKGm4RzIymWP2fYnJqcOyO:1/LIEs4LgbZCHEaWGm4FIy9+feJq/J

Entry address:

0x4323

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, C3, 44, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, C4, 44, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, C4, 44, 00, 56, A3, 40, 3B, 44, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 3B, 44, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, C4, 44, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7... 
[+]

Entropy:

7.9845 (probably packed)

Code size:

34.5 KB (35,328 bytes)

The file utils.exe has been discovered within the following program.

Object Browser by Object Browser

Object Browser is an adware style application that runs in the web browser as a toolbar and web extension.

66% remove it

Remove utils.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.