» x7re-markableco176.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

x7re-markableco176.exe

The application x7re-markableco176.exe has been detected as adware by 14 anti-malware scanners. This executable runs as a local area network (LAN) Internet proxy server listening on port 14334 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program Re-Markable by Revizer Technologies which is a potentially unwanted software program.

File name:

MD5:

f9255998fc424661cbebaf240a0943d3

SHA-1:

111270c454632f7dd1a17b3bbfd8466f7fcb8597

SHA-256:

fda8c956eaff9f212df89fa454b9233496f3a19f2cff4dbc71f10f78c9d033cc

Scanner detections:

14 / 68

Status:

Adware

Analysis date:

4/19/2024 1:21:48 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.150960

896

avast!

Win32:Dropper-gen [Drp]

140617-1

AVG

Generic5

2015.0.3374

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.14822

Bitdefender

Gen:Variant.Graftor.150960

1.0.20.1170

Emsisoft Anti-Malware

Gen:Variant.Graftor.150960

8.14.08.22.06

ESET NOD32

Win32/AdWare.AddLyrics.BE application

8.7.0.302.0

F-Secure

Gen:Variant.Graftor.150960

11.2014-22-08_6

G Data

Gen:Variant.Graftor.150960

14.8.24

MicroWorld eScan

Gen:Variant.Graftor.150960

15.0.0.702

Qihoo 360 Security

Win32/Trojan.Dropper.c9f

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.8.22.18

Sophos

AddLyrics

4.98

VIPRE Antivirus

Threat.5063086

32210

File size:

193 KB (197,632 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\ver8re-markable\x7re-markableco176.exe

File PE Metadata

Compilation timestamp:

8/3/2014 4:36:52 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

11.0

CTPH (ssdeep):

3072:yim/dmISITjppFWNs+dR5xH+nHY+BGJECTSjaYQb:yimvvTjpzus+dJHABmEC4e

Entry address:

0x10A32

Entry point:

E8, E1, 67, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C... 
[+]

Entropy:

6.1493

Code size:

99.5 KB (101,888 bytes)

Local Proxy Server

Proxy for:

Internet Settings

Local host address:

http://127.0.0.1:14334/

Local host port:

14334

Default credentials:

The file x7re-markableco176.exe has been discovered within the following program.

Re-Markable by Revizer Technologies

Re-Markable is an advertising injecting web browser addon that displays ads on web pages not associated with the program. It does this by using a local proxy server to route all web traffic through and display ads in the forms of banner ads, video ads and text-links.

re-markable.net

80% remove it

Remove x7re-markableco176.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.