» aamedint.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

aamedint.exe

Mindspark Toolbar Platform for Internet Explorer

Mindspark Interactive Network

The application aamedint.exe, “Mindspark Toolbar Platform” by Mindspark Interactive Network has been detected as a potentially unwanted program by 11 anti-malware scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Elite Unzip EPM Support’. This file is typically installed with the program Elite Unzip Toolbar & Supporting Application by Mindspark Interactive Network which is a potentially unwanted software program. This version of the file will bundle a Mindspark/MyWebSearch Toolbar, a potentially unwanted web browser extension.

File name:

aamedint.exe

Publisher:

Mindspark (signed by Mindspark Interactive Network)

Product:

Mindspark Toolbar Platform for Internet Explorer

Description:

Mindspark Toolbar Platform

Version:

1.0.7.247

MD5:

6f0255ccfc268848c64dbf8ec40f556e

SHA-1:

972003ec3968f8fef6fabd32440e2f764896b633

SHA-256:

c3ff3062dc007d7b834c268fa90db9cd31535a09cfb9f9c05a255a8126b294f7

Scanner detections:

11 / 68

Status:

Potentially unwanted

Analysis date:

5/10/2024 12:52:41 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

PUA.Toolbar.MyWebSearch

7.1.1

avast!

Win32:Mindspark-A [PUP]

2014.9-150812

Bkav FE

W32.HfsAdware

1.3.0.7062

Dr.Web

Adware.MyWebSearch.103

9.0.1.0224

ESET NOD32

Win32/Toolbar.MyWebSearch.AJ potentially unwanted (variant)

9.12079

herdProtect (fuzzy)

variant of 65medint.exe (Adware)

2015.9.23.18

Malwarebytes

PUP.Optional.Mindspark.A

v2015.08.12.02

Reason Heuristics

PUP.MyWebSearch.Mindspark.Toolbar (M)

15.8.12.14

SUPERAntiSpyware

Adware.MindSpark/Variant

9696

VIPRE Antivirus

MyWebSearch.J

42798

Zillya! Antivirus

Adware.MyWebSearch.Win32.1392

2.0.0.2348

File size:

11.3 KB (11,600 bytes)

Product version:

2.5.15.19

Original file name:

t8MedInt.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\eliteunzip_aa\bar\1.bin\aamedint.exe

Digital Signature

Signed by:

Mindspark Interactive Network

Authority:

VeriSign, Inc.

Valid from:

4/20/2015 8:00:00 AM

Valid to:

6/19/2018 7:59:59 AM

Subject:

CN=Mindspark Interactive Network, O=Mindspark Interactive Network, L=Yonkers, S=New York, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

438D4291E43C2DFFEEAAAEE5B6C070B5

File PE Metadata

Compilation timestamp:

6/17/2015 10:47:47 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

192:dWhqlIg8GbRWeWaWUdnYe+PjPBkrO1tC7d/r9ZCspE+TMIrYbR8lz:Mhfg8GbRWeWaWenYPLB11w6eMDbRS

Entry address:

0x103B

Entry point:

55, 8B, EC, B8, 50, 81, 00, 00, E8, 68, 02, 00, 00, 53, 56, 57, FF, 15, 0C, 20, 40, 00, 32, D2, 8A, 08, 80, F9, 20, 7F, 08, 84, C9, 74, 11, 84, D2, 74, 0D, 80, F9, 22, 75, 05, 84, D2, 0F, 94, C2, 40, EB, E4, 8A, 08, 84, C9, 74, 08, 80, F9, 20, 7F, 03, 40, EB, F2, 8D, 8D, B0, 7E, FF, FF, 8B, D0, 8B, C1, 33, FF, BE, 00, 80, 00, 00, 2B, D0, 8D, 86, FE, 7F, FF, 7F, 85, C0, 74, 0D, 8A, 04, 0A, 84, C0, 74, 06, 88, 01, 41, 4E, 75, E9, 85, F6, 75, 06, 49, BF, 7A, 00, 07, 80, C6, 01, 00, 89, 7D, FC, 85, FF, 0F, 88... 
[+]

Entropy:

6.2266

Developed / compiled with:

Microsoft Visual C++

Code size:

1024 Bytes (1,024 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Elite Unzip EPM Support

Command:

"C:\Program Files2\eliteu~1\bar\1.bin\aamedint.exe" t8epmsup.dll,s

The file aamedint.exe has been discovered within the following program.

Elite Unzip Toolbar & Supporting Application by Mindspark Interactive Network

support.mindspark.com

64% remove it

Remove aamedint.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.