» visualbee-helper.exe
Overview
Analysis
File Details
Programs (1)

visualbee-helper.exe

Visual Software Systems LTD

The application visualbee-helper.exe by Visual Software Systems has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program VisualBee by VisualBee.com which is a potentially unwanted software program. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.

File name:

Publisher:

Visual Software Systems LTD (signed and verified)

MD5:

d589402d0bc2665a7648481210e958f5

SHA-1:

3882f7c24b8697a420b2a609599e03be2c3ba59b

SHA-256:

7f8e6121b9a6bbd0db5faed92040cf6e2408cba1b67e9c27f2c9c4cf6924ce8a

Scanner detections:

1 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

4/25/2024 8:27:56 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware.Crossrider.VisualSoftwareSystems (M)

16.1.19.10

File size:

306.2 KB (313,560 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\visualbee\visualbee-helper.exe

Digital Signature

Signed by:

Visual Software Systems LTD

Authority:

Thawte, Inc.

Valid from:

10/3/2012 7:00:00 PM

Valid to:

10/17/2013 6:59:59 PM

Subject:

CN=Visual Software Systems LTD, O=Visual Software Systems LTD, L=Tel Aviv - Yafo, S=Israel, C=IL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

02F58F3809AB50D82BED45D3CEAC82AD

File PE Metadata

Compilation timestamp:

5/21/2013 7:54:45 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:7ifbLRJwLAFllYV80AjZ4i3ESeGxp/FnryqTBa5wQIt:ebLRJwLAFvYbsDHzp/FnryqTw5q

Entry address:

0x25E38

Entry point:

E8, 71, 9A, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B, D8, 8B, 4C, 24, 18, 8B, 54, 24, 14, 8B, 44, 24, 10, D1... 
[+]

Entropy:

6.5357

Code size:

233.5 KB (239,104 bytes)

The file visualbee-helper.exe has been discovered within the following program.

VisualBee by VisualBee.com

VisualBee (Visual Software Systems) is a web browser extension and toolbar that delivers contextual based advertising as well as modify the user's web browser home and search pages to provide advertising and search.

www.visualbee.com

88% remove it

Remove visualbee-helper.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.