alnaddytoolbarsrv.exe

Montera Technologeis LTD

This is part of the Montera web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application alnaddytoolbarsrv.exe by Montera Technologeis has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Montera Technologeis LTD  (signed and verified)

MD5:
d04a1c03541eb622f144f4e5c66f7c92

SHA-1:
5dd6e3c486e99dfac773487882f4e439bbacab46

SHA-256:
799428f7c185d59b7603802c0a7b6011494967f58c89e190f1347627b82f3d38

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/14/2024 9:34:39 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Montiera (M)
17.1.22.2

File size:
364 KB (372,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\alnaddy.com\alnaddytoolbar\1.8.4.9\alnaddytoolbarsrv.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
5/28/2012 2:00:00 AM

Valid to:
5/29/2013 1:59:59 AM

Subject:
CN=Montera Technologeis LTD, O=Montera Technologeis LTD, STREET="18, Amammi st", L=Even Yehuda, S=Hasharon, PostalCode=40500, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
361B49E5431DD304CA32589D28E4DD3C

File PE Metadata
Compilation timestamp:
11/14/2012 4:01:31 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x29D5B

Entry point:
E8, 92, 87, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 57, FF, 75, 10, 8D, 4D, F0, E8, 94, E2, FF, FF, 8B, 7D, 08, 85, FF, 75, 27, E8, 1D, 14, 00, 00, C7, 00, 16, 00, 00, 00, E8, 39, 17, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, A5, 00, 00, 00, 56, 8B, 75, 0C, 85, F6, 75, 24, E8, EE, 13, 00, 00, C7, 00, 16, 00, 00, 00, E8, 0A, 17, 00, 00, 80, 7D, FC, 00, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, EB, 78, 53, 8B, 5D, F4, 83, 7B, 08, 00...
 
[+]

Entropy:
6.3373

Code size:
253 KB (259,072 bytes)

Remove alnaddytoolbarsrv.exe - Powered by Reason Core Security