» v7re-markableyz176.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

v7re-markableyz176.exe

The application v7re-markableyz176.exe has been detected as adware by 14 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 14060 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program Re-Markable by Revizer Technologies which is a potentially unwanted software program.

File name:

MD5:

84ffe0aa78b38fce2ff18fd6bd56fc6c

SHA-1:

f5daeefd1d445218bfcb02b5948d50fc324ee3ce

SHA-256:

014952eaf0fee3f6aed993aebedcf466028b5b4154bd05d4ae77c081d96e8581

Scanner detections:

14 / 68

Status:

Adware

Analysis date:

5/7/2024 3:59:21 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.150960

896

avast!

Win32:Adware-BWL [Adw]

2014.9-140822

AVG

Generic5

2015.0.3374

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.14822

Bitdefender

Gen:Variant.Graftor.150960

1.0.20.1170

Emsisoft Anti-Malware

Gen:Variant.Graftor.150960

8.14.08.22.06

ESET NOD32

Win32/AdWare.AddLyrics.BE application

8.7.0.302.0

F-Secure

Gen:Variant.Graftor.150960

11.2014-22-08_6

G Data

Gen:Variant.Graftor.150960

14.8.24

MicroWorld eScan

Gen:Variant.Graftor.150960

15.0.0.702

Qihoo 360 Security

Win32/Trojan.Dropper.c9f

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.8.22.18

Sophos

AddLyrics

4.98

VIPRE Antivirus

Threat.5063086

32210

File size:

190.5 KB (195,072 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\ver7re-markable\v7re-markableyz176.exe

File PE Metadata

Compilation timestamp:

7/30/2014 11:28:02 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

3072:xi0/dmIEj3zppFWNs+dHdhH+nHYJGJoFJBvXCn:xiMvm3zpzus+dHH3molY

Entry address:

0x10A32

Entry point:

E8, E1, 67, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C... 
[+]

Code size:

99.5 KB (101,888 bytes)

Local Proxy Server

Proxy for:

Internet Settings

Local host address:

http://127.0.0.1:14060/

Local host port:

14060

Default credentials:

The file v7re-markableyz176.exe has been discovered within the following program.

Re-Markable by Revizer Technologies

Re-Markable is an advertising injecting web browser addon that displays ads on web pages not associated with the program. It does this by using a local proxy server to route all web traffic through and display ads in the forms of banner ads, video ads and text-links.

re-markable.net

80% remove it

Remove v7re-markableyz176.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.