» utils.exe
Overview
Analysis
File Details
Programs (1)

utils.exe

The application utils.exe has been detected as adware by 8 anti-malware scanners. The program is a setup application that uses the Nullsoft Install System installer, however the file is not signed with an authenticode signature from a trusted source. This file is typically installed with the program Browser+ Apps+ by Gogo Network Club which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

utils.exe

Version:

1.35.3.9

MD5:

21d3d99dee3735326958c12a59000988

SHA-1:

940777d6a1a2ca29c5f034ddcad2bc5ece1b062c

SHA-256:

9722b4c286eaa92b09cd93f72a1b98d3f9f199cb03c53d03163af013a920042c

Scanner detections:

8 / 68

Status:

Adware

Explanation:

This is part of the Crossrider Internet browser extension framework which may modify the user's web browser settings including changing the home and search pages.

Note:

Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:

4/23/2024 5:06:39 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.Paked

1.3.0.4959

Dr.Web

Trojan.Crossrider.32373

9.0.1.0304

G Data

NSIS.Adware.Crossrider

14.10.24

IKARUS anti.virus

AdWare.CrossRider

t3scan.1.7.8.0

Malwarebytes

PUP.Optional.crossRider.A

v2014.10.31.09

NANO AntiVirus

Trojan.Win32.Crossrider.dfbcsb

0.28.2.62286

Reason Heuristics

PUP.Crossrider.F

14.10.31.21

Trend Micro House Call

Suspicious_GEN.F47V0918

7.2.304

File size:

2.4 MB (2,492,871 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Nullsoft Install System

Language:

English (United States)

Common path:

C:\Program Files\browser+ apps+\utils.exe

File PE Metadata

Compilation timestamp:

12/4/2012 4:55:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

49152:sLt2TEQcWVRydD+DOK6MGdqGytiHwovB+pOKIJl5k58Ubd3D4Mr:+tpTWVMdxK6jc+rv0pOKIJc5hN

Entry address:

0x4323

Entry point:

55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, C3, 44, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, C4, 44, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, C4, 44, 00, 56, A3, 40, 3B, 44, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 3B, 44, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, C4, 44, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7... 
[+]

Entropy:

7.9877 (probably packed)

Code size:

34.5 KB (35,328 bytes)

The file utils.exe has been discovered within the following program.

Browser+ Apps+ by Gogo Network Club

browser+ apps+ is a potentially unwanted adware program that injects ads into the user's browser. This includes inserting into web pages or displaying ads over parts of existing web page advertisements, banners, coupons or text links that would not otherwise appear.

84% remove it

Remove utils.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.