apctcpx.exe

Advanced PC-Care

advanced pc care

The application apctcpx.exe, “Advanced PC-Care Setup ” by advanced pc care has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from hasurl.com and multiple other hosts.
Publisher:
advancedpccare.net   (signed by advanced pc care)

Product:
Advanced PC-Care

Description:
Advanced PC-Care Setup

MD5:
f1d0849cdbfe29dba5dc09acbe90f0cd

SHA-1:
c0094ac5e307f2c1e867413ee8b2e720c3190600

SHA-256:
c0a87e8f7ea8fa55b98e89aafbb36ba1d61c485b865184e1735a1bd11c46d23f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 8:23:53 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.PCCare.advanced.Installer.Meta (L)
16.7.1.16

File size:
4.4 MB (4,598,528 bytes)

Product version:
1.0.0.11232

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\apctcpx.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/15/2016 8:00:00 AM

Valid to:
3/16/2017 7:59:59 AM

Subject:
CN=advanced pc care, OU=management, O=advanced pc care, STREET=58/5 MODEL TOWN-A, STREET=MALVIYA NAGAR, L=Jaipur, S=Rajasthan, PostalCode=302017, C=IN

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
35AC66200A1F14A560852B65B097EA09

File PE Metadata
Compilation timestamp:
1/15/2016 4:22:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:wWOfNY2XbDrk9kyBJMILoV8bYCUl4xAy7AUic1m38GwIgVrep:ETrD49ks8V8bYWxd7AlwI+Y

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86...
 
[+]

Entropy:
7.9861

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file apctcpx.exe has been seen being distributed by the following 16 URLs.

https://hasurl.com/iH?sid=4251&pub=270292&c1=Chrome&c2=adult dating&c3=badious-buzzard

https://hasurl.com/cdn-cgi/.../chk_captcha?id=2bbbb54341b8110b&g-recaptcha-response=03AHJ_VuvXtEAcbs8YRCCQnpOPJ9jk2WF8qhRoTOr3DQfJWhDiRZKP_5doyA4w81WdiiElnIlRrfKHv6qrcpddSwG2-rW19Z9Igxo4Lb185jWfym7RNNzPoQNsZLlO5_FuRkgQevGeZKmLLzjAvIi-e1V9wn6plfzf7E4mSAxXLPpCBQ0rKqXGQGCoCsONtEc34DG4uuIseXwbgsZ1_K8R8H3FWvBbdT-wi_GPSaIaR4nMRjfP3PxctmuXUgple-H19LrZTQoJjblmRJW-02ep8bYa75agBEQTBe5OiGK6Ci1fHKZX4FV-TsuY6VizGXODkGXaGRMJ_n25KrEmtKdnq-zvR0_v3Hn2gWZK7Q9HgoGBl6Ux2oSKvSlITlGoOfqLcqAdXSI9pkJ-4qXh8du0A3dlaR-o_Knu11Koya4HS90CyimAMEAKS86c9HUXOpKnHPXGea-1J3DdCWIsRcHdeeCGUnupFhE5SbczyOA7a_a_LR1zhbLGeR1ilT0I5IIhJMsuGpU2HA4kuiHvdjGIDlrHUEReX1VT0DtEh-H8_m2Xe9LqFotF0_UfC2AtmH6Znohc_SLoW5TIGydQMUXVgZhw0hU4T-kY1W7aOQgkgb5gqOIM8WtOl4verLvBGiTPFKcY0Ao2OvNFiznYbbf_mQhMHVfubOP2SnLd33QmxLiRkJmVNmmm27n8MqwFS2jbdIVOCCGP9NT2frfk0lRX-6AvEORWsrS0ygpI2VgQD2MB90ImbsDC58GyoXkqjBojdK7n_9c5XckIQchIu8wY_5r73uGSo7xJv6OfI18mE7Jxr0mFjWxhJZ9KxJHoLf6JF2hd1O5ce6IyBUwfuPXPBsYWi4fg6XhKr8aft6zxrpz978NwojdUjZrycL5_CNho5LCHgAJ7CmMV8xYV7HIE

https://hasurl.com/iH?sid=4251&pub=270292&c1=Chrome&c2=free dictionary&c3=gamboge-moose

http://www.affyieldaff.com/.../r.php?sid=2991&pub=270292&c1=ad_go_push&c2=push_new_ad

https://hasurl.com/iG?sid=4571&pub=270292&c1=badious-buzzard&c2=holeaddicted&c3=Windows

http://www.affyieldaff.com/.../r.php?sid=2991&pub=270198

https://hasurl.com/iG?sid=4571&pub=270292&c1=porraceous-llama&c2=diesamateurmatch,flirt&c3=Windows

https://hasurl.com/iU

http://advancedpccare.com/downloadirect_cpx.asp?x-context=821378114&utm_source=tcpx&utm_campaign=tcpx&pxl=TCP903_TCP885_RUNT&utm_pubid=pubid&x-at=270292

Remove apctcpx.exe - Powered by Reason Core Security