air3dc.exe

System Alerts

The application air3dc.exe by System Alerts has been detected as adware by 4 anti-malware scanners. It is also typically executed from the user's temporary directory.
Publisher:
System Alerts  (signed and verified)

MD5:
06122e7d0db306f44b9bc7162e902a12

SHA-1:
c0e938472480385eeb7037b516eb5235cfe550f7

SHA-256:
221e4da9130be6ffd1e754a26f7082b9b2d734f85fafad4d26a28172705665d9

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
11/23/2024 1:56:52 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Malwarebytes | PUP.Optional.DesktopTemperature.A | v2015.02.26.10 |
| Reason Heuristics | PUP.SystemAlerts | 15.6.7.12 |
| Trend Micro House Call | Suspicious_GEN.F47V0127 | 7.2.57 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.26.3 |

File size:
323.7 KB (331,424 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\air3dc.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/15/2014 6:00:00 PM

Valid to:
12/16/2015 5:59:59 PM

Subject:
CN=System Alerts, O=System Alerts, STREET=250 Park Ave Ste 504, L=Minneapolis, S=MN, PostalCode=55415, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008E7E5AF881AA310D8C70AF506C594EA1

File PE Metadata
Compilation timestamp:
1/12/2015 4:41:39 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:O6YlQPBCgiI529DPcVdEck6AKpub080UdThahYPp6lHT+b8e0YUJTOJ910y97:O6mQPBCgp29B6rpuboO8kyAsG/0yB

Entry address:
0x20D18

Entry point:
E8, AD, 94, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, 3C, F5, 28, 6E, 44, 00, 00, 75, 13, 56, E8, 71, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 11, E8, C8, 74, 00, 00, 59, FF, 34, F5, 28, 6E, 44, 00, FF, 15, 40, A0, 43, 00, 5E, 5D, C3, 56, 57, BE, 28, 6E, 44, 00, 8B, FE, 53, 8B, 1F, 85, DB, 74, 17, 83, 7F, 04, 01, 74, 11, 53, FF, 15, 48, A0, 43, 00, 53, E8, 8A, E8, FF, FF, 83, 27, 00, 59, 83, C7, 08, 81, FF, 48, 6F, 44, 00, 7C, D8, 5B, 83, 3E, 00, 74, 0E, 83, 7E, 04, 01, 75, 08, FF, 36, FF, 15...
 

Entropy:
6.3096

Code size:
228 KB (233,472 bytes)
