apcsetuprmr.exe

Advanced PC Care

PCVARK SOFTWARE PRIVATE LIMITED

The application apcsetuprmr.exe by PCVARK SOFTWARE PRIVATE LIMITED has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from advancedpccare.com and multiple other hosts.
Publisher:
Advancedpccare.com   (signed by PCVARK SOFTWARE PRIVATE LIMITED)

Product:
Advanced PC Care

Version:
Advanced PC Care

MD5:
d430de2ee8ca1033de678a24a0fa5860

SHA-1:
379a334449972d3fb67e25bf4d58ec26136a8714

SHA-256:
3c7ed22bf1ac872eeb0158f207a84d1d7673eb38e202270b28f81401d03a3850

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 6:30:38 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.AdvancePCCare.Optional.Installer.Meta (L)
16.6.13.19

File size:
3.8 MB (3,940,200 bytes)

Product version:
1.0.0.2024

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\apcsetuprmr.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
6/7/2015 8:00:00 PM

Valid to:
6/7/2016 7:59:59 PM

Subject:
CN=PCVARK SOFTWARE PRIVATE LIMITED, OU=Tech, O=PCVARK SOFTWARE PRIVATE LIMITED, L=Jaipur, S=Rajasthan, C=IN, SERIALNUMBER=047363, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IN

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
58D13858D2E7BC50E2E42ABF763827E1

File PE Metadata
Compilation timestamp:
7/9/2014 3:58:13 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:BkdgiDgHcI3GFsEl6Vtgp2jNksX9MZDVATng4D52gHlAfthTb5i+kVo4C:+dsHcARVt22ysXGZDCTg8FHEtlti+z5

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Entropy:
7.9821

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file apcsetuprmr.exe has been seen being distributed by the following 47 URLs.

http://advancedpccare.com/download_ip_mr.asp?utm_source=mr&utm_campaign=mr&utm_pubid=mr_52641029&x-context=adk2_VHqxcEsOGED4DPUaaJT5lpRW6SEgc-WNQIvBvUi3FMOrWRa0XXNyT-V6QhTTvUKZ5cbKu7KVkWYbowxDk5H4Gi7us7BJ4W0KoNAO5xAYdwOsM3tZwYGUr9mlicQQiJWqx1FVCXptFQI-ubQlB3HMIa3MKzIqVfhbZApMGuRRn--4fbRLjiJ7UdFf4PZVy-q2C3iyC3yLn7PZizuo0lc-y_jU9P0sc6b5ImxPqOVbdItxPR2AqI8w9RFUviWc__v79QJoDqArsVgdUDhZauxbe5cud6RieS8w2LpQKlbGJDA-w_M8QoJBsTnNxoIXBsyyajSFMqVtl01rcuBJBgsJd1dUeL79Cmh45J33qIp2O-DC0P2LdnknMwhKrZ5-j2SNw6v1kc0IElVk-aObaGo2u1sFQW4obuyLPlw9DwQnVHHlN_3gCY5TJDzV88_yQ_5jm9xX8x2wBIWkGvw6&x-at=52641029

http://advancedpccare.com/download_ip_mr.asp?utm_source=mr&utm_campaign=mr&utm_pubid=mr_52542154&x-context=adk2_O2cR_SsCskEp7KP0G5dAbsmWkywz_7nl_dxnYSoCa0Sb97mRMaQt_hRj5gTsXmAd3R2TxMbyRCAEYa630Lr3fTEBNpPlvRya6_p3XHpiRSPMlOv0pl7KRMaERV-wKUno4CyAkwLJ8U_qxZ0eKPBrxICtBMe2lXJ0MZ90zzKJg1dzbo6iVnxvmz3rq9Fr4FAAmPV8DyuNyJFrwftJsu3uQEkA9DLRhZ6UB6Ze5sT0dFvyHIBWXVxEXM0JcnWKQahMFQeDTHQT1MJiXIs53TSoJetfAG-tPaKS_pH3UfMpW6V_SVLsB4-15ny238T38hxT6QLIj6qEQLB-zAg2ylPnoAI7icGgsaNnp8r65AUno8uQY7DABnq2rSU9ZbPonIuKLudz8qim2D5ZdfJCLIaoV22ehs1EPBfaxV8lKl3lLTbZ5vwC7s7gK8oo&x-at=52542154

http://advancedpccare.com/download_ip_mr.asp?utm_source=mr&utm_campaign=mr&utm_pubid=mr_70010412&x-context=adk2_jLy9eKYJylrYiXE2ggo-jJnz5tprEttsdXndo8meqz3N1FUzYISNOYf7_9ZITOG7j_4lOX1uzhB9T6viInYKCpcPo8KT-83sDT9gNPMzb0Hlq_FokSZzEYHwEiqhQBEBewUKVuYYP4R-EUojn2f9CMqRqF6TxWL0F3nSXofrMV9lF61n5IB3bZt6FfqkQhLSZ1tptMq4b62i55HSj9_xci6APze_w98G6smo7AMOaka1KDC_VaRV5_CnWMS3QUNdNydOjS2IvhEQYVkTOwcBXEwb9588Ww-AU3RV9syb5lwAZIw6cB826Lza5JmjNGp--YrjDX9NBmR0YfwuOPaJ4ZlHfZzP_xcYOVeWZtXc6R3F54oT-r5EGZz_IrDNv1Jd6HCqotMTKlXx83Bw8NFoJny1X7DNgiYuMU34ApbDaE81dWnUWnOVZShokJc&x-at=70010412

http://advancedpccare.com/download_ip_mr.asp?utm_source=mr&utm_campaign=mr&utm_pubid=mr_70006486&x-context=adk2_F1AZWUzBR7ZHmYXF7DA-ZX2Vtl6Pw9AV8c9lU1UHPT4cE5f2NN2yzpz1ZLzjJ-twwOBUmmudNZPoEc50asy5s7rvItZetUH1pc_wqslqc2jq3B0uPVXBa4f6U_uZGWM651AWOkCBiOxIfZ1Q6JJ8Q4CBE_dFeuyMaJPfaM00QCh5LbEm7xO_s6i5klKudvoBjyTsRNM0e0Omioq3RFCLCyv6Ps46weyfRN5cBMKQAwYvyiEZa-UUI3uwNdEL2jQeAk4U-yvbegbHW_-Mg3ixGAuDUH0pnS2FDN3ScsXS83-yAloq2t9lXhN-lXOOygY6LKUAttoLuJ2422L9whI4QvwiVR9XFJMm2Zx3BoOtSxrQzLPzn84-krqNvq-JyNlFf0KgDUjpWsbG0nAGQN5LCrZg1PY6pkpdjmJkC74lWhCwXc8le1AM8mOfslEIMxHSw_p_mTklsu-krZVlwbY&x-at=70006486

http://advancedpccare.com/download_ip_mr.asp?utm_source=mr&utm_campaign=mr&utm_pubid=mr_70211690&x-context=adk2_6H-2-sBu47waUCWH4bsAfLMBp2IgtIbfCNJFgXZ_dbJ2nT2FUtqAzSSL2a6WPKIGiEPGuhV992YzD_ItK810J9sqQYrAvZBUU9_t5gkyLZNHwQTSR-CK8uRuLnWJYaqhJaorSxj6rpmJTb-QYm20s6Bri-VBgDkhLb4kbVf48Jv1jz_T649dBhZOA6pqlwrjsLzqj5CXwTqX8c2mLKC060R3AzrDE2IS_IA74RT4MjBGC3wDTOgwd9T81A9_FdB-4HNxVFuqsAchF8w0ttB6pnQJczVGX_Uq5yND8kP5Q9lMY5hmsUomjZwEn9UjI4L4BMh4hnemXorriohrjF3Xmwg-0f8CyFob6kngnrOXBHcVMi29pqY_8rBZwPFWEkfmxoKcXjLrYlubH_7L0FIn6UxV8cT0da2Ql4qHV5H11WCy&x-at=70211690

http://advancedpccare.com/download_ip_mr.asp?utm_source=mr&utm_campaign=mr&utm_pubid=mr_70227464&x-context=adk2_ixwkSdHTBcslE0Li20v0-H-gEYQ-biP4kiRbVwX2YkT3Y5kxQN5z_S9Mb-3TENMdhbeBWNc_GoA-sWBiQAknx6f2LBomkDLU6y0gg5v6ZDRUkqtehtMxEsFDhep6sM82bWU0_x85Pem1ozjjNY8FkFC5k6CSqdV_tBjfPbgoIB64dyfUIZSTwoi8qit1k3K6gwCQG5sOwhnU2Zou1Mc03Kj_6AtQGYn8BYz6y9tUINe9Zyp_MrVkrX1gx75OlbIMJulvivaIjBDmqCf5NiJw9GObutcsucYCgMS8PmHAJYftFy_ca1GmoCr1j-lQYEEYNaxuOec46T6qcTg9SyfBo32lazYVQv-vBgSNBrnJZsB1z8n2wij0HJCenvPjNt0v3PB586F0ZWyuEJnhedDSBJg-TexNXIGFDFFPtXFeypBdfU2Xecg97yqFsGs3Gl0apy-9xZ6Z7jVx&x-at=70227464

Latest 30 of 47 download URLs

Remove apcsetuprmr.exe - Powered by Reason Core Security