home

utiltowertilt.exe

The application utiltowertilt.exe has been detected as a potentially unwanted program by 8 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Version:
1.0.5331.281

MD5:
f59c36d2156baff1b735fcacca4381a8

SHA-1:
19e165678f8ef118b3f96c031d3c72c7c53bb232

SHA-256:
f7d109c87d673c200e0ae99e94ca1a24a124f32366f23e16f65f51058ec5ee96

Scanner detections:
8 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
4/24/2024 10:15:48 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Trash.Gen
7.11.30.172

AVG
Towit
2015.0.3313

Baidu Antivirus
Adware.Win32.BrowseFox
4.0.3.141022

ESET NOD32
Win32/BrowseFox.H potentially unwanted application
8.7.0.302.0

Kaspersky
not-a-virus:HEUR:AdWare.MSIL.Kranet
14.0.0.3062

Malwarebytes
PUP.Optional.TowerTilt.A
v2014.10.22.02

SUPERAntiSpyware
Trojan.Agent/Gen-Nullo[Short]
10426

VIPRE Antivirus
Threat.4741131
31208

File size:
315.8 KB (323,360 bytes)

Product version:
1.0.5331.281

Original file name:
TowerTilt.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\towertilt\bin\utiltowertilt.exe

File PE Metadata
Compilation timestamp:
8/5/2014 9:09:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:9lmfAzOHfBvSj0OrY7phud7lFsjfx9L/9ZcVwXb5z2:9lmfD/BB3L/MCNi

Entry address:
0x4EBBA

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, CC, 02, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 38, 00, 00, 80, 00, 00...
 
[+]

Entropy:
6.0935

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
307 KB (314,368 bytes)

Remove utiltowertilt.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.