» dca-monitoring.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Network (2)

dca-monitoring.exe

Compete DCA Monitoring Tool

Compete Inc

The application dca-monitoring.exe by Compete Inc has been detected as a potentially unwanted program by 5 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program Consumer Input (remove only) by Compete Inc. which is a potentially unwanted software program.

File name:

dca-monitoring.exe

Publisher:

Compete, Inc. (signed by Compete Inc)

Product:

Compete DCA Monitoring Tool

Version:

3.2.1.631

MD5:

ec4025f6b4b73e6a4d8bea6c5fec6101

SHA-1:

faa0a123260c852792a4e16fe77ef4b480ab81a3

SHA-256:

46453fb15572f401c440b54f0f79156ee3759a06b4afcb0cb04eaf715f1516af

Scanner detections:

5 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 6:05:10 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Dr.Web

Trojan.Damaged.1

9.0.1.0213

Reason Heuristics

PUP.Task.Compete.O

14.8.1.0

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10449

VIPRE Antivirus

Compete

29702

File size:

1 MB (1,082,240 bytes)

Product version:

3.2.1.631

Original file name:

dca-monitoring.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\consumer input\monitoring\dca-monitoring.exe

Digital Signature

Signed by:

Compete Inc

Authority:

VeriSign, Inc.

Valid from:

2/6/2012 7:00:00 PM

Valid to:

1/10/2015 6:59:59 PM

Subject:

CN=Compete Inc, OU=operations, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Compete Inc, L=Boston, S=Massachusetts, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4A4ACAE072F8065D9C03E2A2240975B0

File PE Metadata

Compilation timestamp:

5/22/2014 10:33:34 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:+a+oxTvXOT6JDK6uv/159Vu283fMg4Sq7Ak330N3:R+Ev9cnVP83fMg4kk38

Entry address:

0x985E9

Entry point:

E8, 0D, AE, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 51, 8B, 45, 0C, 57, 8B, 7D, 08, 85, C0, 74, 02, 89, 38, 85, FF, 75, 17, E8, 7A, 53, 00, 00, C7, 00, 16, 00, 00, 00, E8, EF, 72, 00, 00, 33, C0, E9, 90, 01, 00, 00, 83, 7D, 10, 00, 74, 0C, 83, 7D, 10, 02, 7C, DD, 83, 7D, 10, 24, 7F, D7, 83, 65, FC, 00, 53, 56, 6A, 08, 5B, 0F, B7, 37, 53, 56, 83, C7, 02, E8, EC, AF, 00, 00, 59, 59, 85, C0, 75, ED, 66, 83, FE, 2D, 75, 06, 83, 4D, 14, 02, EB, 06, 66, 83, FE, 2B, 75, 06, 0F, B7, 37, 83, C7, 02, 83... 
[+]

Entropy:

6.5743

Code size:

757.5 KB (775,680 bytes)

Scheduled Task

Task name:

CIMT_SID

Trigger:

Daily (Runs daily at 10:16 PM)

Description:

Keeps dca-monitoring tool running.

The file dca-monitoring.exe has been discovered within the following program.

Consumer Input (remove only) by Compete Inc.

Consumer Input is the collection and analytics software for Compete.com statistics for Microsoft Internet Explorer. Compete.com is a web traffic analysis service that publishes the approximate number of global visitors to the top web sites in the world.

www.consumerinput.com

61% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):

Connects to ec2-54-174-111-151.compute-1.amazonaws.com (54.174.111.151:443)

TCP (HTTP SSL):

Connects to unallocated.barefruit.co.uk (92.242.140.21:443)

Remove dca-monitoring.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.