» {41e23727-cae6-4132-8005-c58f22686669}
Overview
Analysis
File Details

{41e23727-cae6-4132-8005-c58f22686669}

Useful Software

This is part of the Verti bundle installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file {41e23727-cae6-4132-8005-c58f22686669} by Useful Software has been detected as adware by 22 anti-malware scanners.

File name:

Publisher:

Useful Software (signed and verified)

Version:

1.0.7.118

MD5:

b1081993f9a8aae4eb5cd3349715171b

SHA-1:

9be8bd467b9decff09d474f20eecf5d785f6b1c6

SHA-256:

180118b3fbdb3bb0b07d681f3c779a0b3b6f02bb5aa884ced8f6ffbae4e14d3c

Scanner detections:

22 / 68

Status:

Adware

Analysis date:

12/27/2024 1:04:21 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Riskware.Agent

7.1.1

AhnLab V3 Security

PUP/Win32.OptimumInstaller

2015.05.02

avast!

Win32:Adware-gen [Adw]

2014.9-150520

AVG

Generic

2016.0.3104

Bkav FE

W32.HfsAdware

1.3.0.6379

Comodo Security

ApplicUnwnt

21962

Dr.Web

Adware.Downware.9817

9.0.1.0140

ESET NOD32

Win32/Verti.J potentially unwanted (variant)

9.11563

Fortinet FortiGate

Riskware/Verti

5/20/2015

G Data

Win32.Application.Verti

15.5.25

K7 AntiVirus

Unwanted-Program

13.203.15778

McAfee

Artemis!B1081993F9A8

5600.6760

NANO AntiVirus

Riskware.Win32.Verti.dptfbk

0.30.24.1357

Norman

Agent.BKBXY

11.20150520

Panda Antivirus

Trj/Genetic.gen

15.05.20.12

Qihoo 360 Security

HEUR/QVM11.1.Malware.Gen

1.0.0.1015

Reason Heuristics

PUP.Verti.UsefulSoftware

15.5.19.20

Sophos

Generic PUA JL

4.98

Trend Micro House Call

TROJ_GEN.R02KC0EDU15

7.2.140

Trend Micro

TROJ_GEN.R02KC0EDU15

10.465.20

Vba32 AntiVirus

AdWare.Verti

3.12.26.3

VIPRE Antivirus

Rocketfuel Installer

39864

File size:

363.5 KB (372,264 bytes)

Product version:

1.0.7.118

Language:

English (United States)

Digital Signature

Signed by:

Useful Software

Authority:

VeriSign, Inc.

Valid from:

11/19/2014 5:30:00 AM

Valid to:

1/19/2016 5:29:59 AM

Subject:

CN=Useful Software, O=Useful Software, L=Bellevue, S=Washington, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

142135C80AA62D0F15501B4128FC6AEE

File PE Metadata

Compilation timestamp:

3/20/2015 9:43:09 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

6144:R3NlPYFMITLl1kiKDJrf8Ep1RwqTjDUfG7ezksIbdF+fB8AFnbYKc6cJN2IBV/UW:RdCFfL/KDhfN1RfXU+7BsIbT+58ga6cJ

Entry address:

0x16D580

Entry point:

60, BE, 00, B0, 51, 00, 8D, BE, 00, 60, EE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B... 
[+]

Entropy:

7.8419

Packer / compiler:

UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:

332 KB (339,968 bytes)

Remove {41e23727-cae6-4132-8005-c58f22686669} - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.