amt_oursurfing.exe

4959_amt_oursurfing

Giner Tech Inc

The application amt_oursurfing.exe by Giner Tech Inc has been detected as adware by 14 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
Giner Tech Inc  (signed and verified)

Product:
4959_amt_oursurfing

Description:
Installer Module

Version:
1.0.0.2

MD5:
db27ce84fbf7a2019bd9bef958493339

SHA-1:
7dedc40d2ac10f4b0d772da4c67b462e6ce5aaff

Scanner detections:
14 / 68

Status:
Adware

Analysis date:
12/25/2024 8:16:20 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Jatif.390
471

Arcabit
PUP.Adware.GinerTech
1.0.0.585

Baidu Antivirus
Adware.Win32.ELEX
4.0.3.151022

Bitdefender
Gen:Variant.Application.Jatif.390
1.0.20.1475

Bkav FE
W32.HfsAdware
1.3.0.7237

Dr.Web
Adware.Mutabaha.802
9.0.1.0295

ESET NOD32
Win32/ELEX.FK potentially unwanted (variant)
9.12441

Fortinet FortiGate
Riskware/Elex
10/22/2015

F-Secure
Gen:Variant.Application.Jatif
11.2015-22-10_5

G Data
Gen:Variant.Application.Jatif.390
15.10.25

Malwarebytes
PUP.Optional.OurSeaching
v2015.10.22.02

MicroWorld eScan
Gen:Variant.Application.Jatif.390
16.0.0.885

Reason Heuristics
PUP.Thinknice.GinerTech.Installer (M)
15.10.22.2

VIPRE Antivirus
Trojan.Win32.Generic
44710

File size:
538.6 KB (551,560 bytes)

Product version:
1.0.0.2

Copyright:
Copyright 2015

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\amt_oursurfing.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
10/19/2015 5:31:10 AM

Valid to:
12/2/2015 5:23:38 AM

Subject:
CN=Giner Tech Inc, O=Giner Tech Inc, L=Wilmington, S=Delaware, C=US

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112106B3EDF5DE21FE5DD0E0F44EB00F51DB

File PE Metadata
Compilation timestamp:
10/15/2015 7:39:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:yOadwD+OFIWCCCwOvmBU5SWCN17GfEuvFM4OrPBWaD2WXN9ihrrrrZg:MEwgWCOEuvFM4+saDvXN9iDg

Entry address:
0x2EF57

Entry point:
E8, C7, AD, 00, 00, E9, 39, FE, FF, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 85, FF, 74, 13, 8B, 4D, 0C, 85, C9, 74, 0C, 8B, 55, 10, 85, D2, 75, 1A, 33, C0, 66, 89, 07, E8, 64, 27, 00, 00, 6A, 16, 5E, 89, 30, E8, 04, 2E, 00, 00, 8B, C6, 5F, 5E, 5D, C3, 8B, F7, 66, 83, 3E, 00, 74, 06, 83, C6, 02, 49, 75, F4, 85, C9, 74, D4, 2B, F2, 0F, B7, 02, 66, 89, 04, 16, 8D, 52, 02, 66, 85, C0, 74, 03, 49, 75, EE, 33, C0, 85, C9, 75, D0, 66, 89, 07, E8, 20, 27, 00, 00, 6A, 22, EB, BA, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 74...
 
[+]

Code size:
346.5 KB (354,816 bytes)

Remove amt_oursurfing.exe - Powered by Reason Core Security