AdMunch.exe

Ad Muncher

Murray Hurps Software Pty Ltd

This is a setup program which is used to install the application. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Ad Muncher’. The file has been seen being downloaded from www.admuncher.com.
Publisher:
Murray Hurps Software Pty Ltd  (signed and verified)

Product:
Ad Muncher

Version:
4.94.34115 Beta (Free)

MD5:
a83600a9f34196d04f15dff9f91f7249

SHA-1:
f1067b1dba6e01535fece9572015b42aed6e3582

SHA-256:
d4ffd3de5e5e8b0336b8861b6ebb3e258ead6a5c663db0960dc87b295e9e3c53

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/22/2024 10:50:52 PM UTC  (today)

File size:
547.6 KB (560,760 bytes)

Product version:
4.94.34115 Beta (Free)

Copyright:
Copyright © Murray Hurps Software Pty Ltd

Original file name:
AdMunch.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ad muncher\admunch.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/13/2014 5:25:47 AM

Valid to:
10/13/2015 5:25:47 AM

Subject:
CN=Murray Hurps Software Pty Ltd, O=Murray Hurps Software Pty Ltd, L=Box Hill, S=New South Wales, C=AU

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00C1A391D64C66

File PE Metadata
Compilation timestamp:
11/14/2052 4:04:48 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:ldYxhPP+Jt9h7mKjXkqo6zDQtefEG3U/g++LMtspoSl:l+xhPmt37mKjUqoYo/gRQq5

Entry address:
0x6B3030

Entry point:
60, BE, 00, 20, A3, 00, 8D, BE, 00, F0, 9C, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 43, 12, 6B, 00, 57, 83, C3, 04, 53, 68, 24, 10, 08, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Code size:
520 KB (532,480 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Ad Muncher

Command:
"C:\Program Files\ad muncher\admunch.exe" \bt


The file AdMunch.exe has been seen being distributed by the following URL.

Scan AdMunch.exe - Powered by Reason Core Security