BackgroundEngine.exe

Background Engine Script

Fedorov Paul

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application BackgroundEngine.exe by Fedorov Paul has been detected as adware by 2 anti-malware scanners.
Publisher:
Fedorov Paul  (signed and verified)

Product:
Background Engine Script

Version:
1.0.0.1

MD5:
2b3861fca5d0f0805a8a91bb817c02cd

SHA-1:
e8a36f9a1d79b5e050fef4c43a4cd8666d80deb8

SHA-256:
6be695265a6ec9dc17a77205f7771b9039296cddc6cdf61aee1d56f4e27f4f07

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
11/27/2024 1:35:18 PM UTC

Scan engine        Detection                     Engine version
Dr.Web             Adware.BGuard.31              9.0.1.034
Reason Heuristics  PUP.Webpick.FedorovPaul (M)   16.2.3.16

File size:
289.6 KB (296,544 bytes)

Product version:
1.0.0.1

Copyright:
TODO: (c) <Company name>. All rights reserved.

Original file name:
BackgroundEngine.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\gigabase\basement\backgroundengine.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
8/28/2012 3:00:00 AM

Valid to:
8/29/2013 2:59:59 AM

Subject:
CN=Fedorov Paul, OU=Individual Developer, O=No Organization Affiliation, L=Saint-Petersburg, S=Saint-Petersburg, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
702D4055EE5CC734192DCBDFFE7AE8E1

File PE Metadata
Compilation timestamp:
1/28/2013 1:27:03 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:Ap8D52aQEXAu9YuPOOBGu/AH8O5Wk3FfLMER7Pu1YnBwFHZjqPPQ4d49+j2GShnO:eajXAuqRH75WkNLMEgGEZjJ4d4AZShO

Entry address:
0x1F5D9

Entry point:
E8, A3, 7A, 00, 00, E9, 79, FE, FF, FF, 6A, 0C, 68, E8, BE, 43, 00, E8, 55, 04, 00, 00, 33, F6, 89, 75, E4, 33, C0, 8B, 5D, 08, 3B, DE, 0F, 95, C0, 3B, C6, 75, 1C, E8, 9D, 0A, 00, 00, C7, 00, 16, 00, 00, 00, 56, 56, 56, 56, 56, E8, 25, 0A, 00, 00, 83, C4, 14, 33, C0, EB, 7B, 33, C0, 8B, 7D, 0C, 3B, FE, 0F, 95, C0, 3B, C6, 74, D6, 33, C0, 66, 39, 37, 0F, 95, C0, 3B, C6, 74, CA, E8, 43, 7F, 00, 00, 89, 45, 08, 3B, C6, 75, 0D, E8, 5B, 0A, 00, 00, C7, 00, 18, 00, 00, 00, EB, C9, 89, 75, FC, 66, 39, 33, 75, 20...
 

Code size:
198 KB (202,752 bytes)

Internet Explorer Menu Extension
Name:
&Leave a note for Been users

