home

yqtivytjx.exe

Finance Alert

Valid Applications

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser as well as modify the computer’s system settings that control applications to run on startup. Part of the Injekt brand of unwanted programs. The application yqtivytjx.exe by Valid Applications has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Valid Applications  (signed and verified)

Product:
Finance Alert

Description:
FinanceAlert

Version:
1.0.0.0

MD5:
21451fc977a3a247dabae3eb4b9a700a

SHA-1:
ebcc40829ed4376a7539d8c9119528e2b24fcb77

SHA-256:
20862c4ada94a9c3885f607519f8fcdb0c7a3534a88e70d5fafe552ca6c2be86

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:
6/23/2025 5:01:21 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Injekt (M)
16.7.17.5

File size:
48.4 KB (49,592 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Valid Applications 2015

Original file name:
FinanceAlert.exe

File type:
Executable application (Win64 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\vooldjpn\dat\yqtivytjx.exe

Digital Signature
Signed by:
Valid Applications

Authority:
Symantec Corporation

Valid from:
9/16/2015 1:00:00 AM

Valid to:
10/21/2015 12:59:59 AM

Subject:
CN=Valid Applications, O=Valid Applications, L=St. James, S=St. James, C=BB

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
77EC37EEE1E5112777E0776C7062CA74

File PE Metadata
Compilation timestamp:
9/19/2015 6:50:08 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:LGKSy2MepG0VXTrf0EX9phyygW5BgpCClbYreKYQ8zq6:qHtpG0F0O/wyspCWbY7tEq6

Entry address:
0xBF4E

Entry point:
48, A1, 00, 20, 00, 40, 00, 00, 00, 00, FF, E0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.6409

Code size:
40 KB (40,960 bytes)

Remove yqtivytjx.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.