adxregistrator.exe

Add-in Express .NET

AVSoftware EOOD

The software installer uses the StartInstall.com download manager, which bundles additional adware offers (toolbars and utilities such as the SafeSearch toolbar) during setup. The application adxregistrator.exe by AVSoftware EOOD has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.

Publisher:
Add-in Express Ltd.  (signed by AVSoftware EOOD)

Product:
Add-in Express .NET

Description:
adxregistrator

Version:
9.2.6124.0

MD5:
cde5d990d355dfb19a7159bcc6abcbe5

SHA-1:
34a3e3f12a7f5c0c9115df0785e5e075c13b4e3f

SHA-256:
8cd2750f4afdf7fdbc07f6d34303c4ef9eed22d79e036f072efce51c45848953

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 4:23:25 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.AVSoftware EOOD.AVSoftwareEOOD (M)

Engine version:
16.1.2.15

File size:
150.9 KB (154,528 bytes)

Product version:
9.2.6124.0

Copyright:
Copyright (C) 2009-2010

Original file name:
adxregistrator.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\mapseasy\ie\adxregistrator.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
12/30/2015 4:00:00 PM

Valid to:
6/3/2016 4:59:59 PM

Subject:
CN=AVSoftware EOOD, O=AVSoftware EOOD, L=Sofia, S=Sofia, C=BG

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
57ABCD2BCF9FD1CFD5A1BABF2579820E

File PE Metadata
Compilation timestamp:
10/14/2014 4:28:50 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:CM3GdFZ2+ERtr5X/msd2q2AkDKqKUhFI8AhMJkv6lA+GbSzKHW6leE2klZHzMTMu:7+Q5qrJk/bWvWAIRYsxjBhXcRt

Entry address:
0xC7CF

Entropy:
6.4311

Code size:
100 KB (102,400 bytes)
