BaiSix.exe

3583_amt_oursurfing

BaiSix

The file BaiSix.exe has been detected as a potentially unwanted program by 16 anti-malware scanners.

Publisher:
BaiSix

Product:
3583_amt_oursurfing

Description:
BaiSix

Version:
6.3.7602.2124

MD5:
aa39806696830a55e969618a101c0e06

SHA-1:
772dce34c5d243721268e666d082016fed6cb13b

SHA-256:
29b74886d434f4801b0269644c90b029360509eb512d45e0fadd9901c29863c7

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 6:26:56 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Application.Generic.1261596 | 643 |
| Agnitum Outpost | PUA.Downloader | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.LuckySearches | 2015.05.03 |
| Bitdefender | Application.Generic.1261596 | 1.0.20.610 |
| Emsisoft Anti-Malware | Application.Generic.1261596 | 8.15.05.02.10 |
| ESET NOD32 | Win32/LiMo.C potentially unwanted application | 9.7.0.302.0 |
| F-Secure | Riskware.Application.Generic.1261596 | 11.2015-02-05_7 |
| G Data | Application.Generic.1261596 | 15.5.25 |
| herdProtect (fuzzy) | | 2015.8.1.8 |
| K7 AntiVirus | Adware | 13.203.15786 |
| MicroWorld eScan | Application.Generic.1261596 | 16.0.0.366 |
| NANO AntiVirus | Riskware.Win32.Mutabaha.dqesbj | 0.30.24.1357 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.5.2.18 |
| Sophos | PUA 'Elex' (of type Adware) | 5.13 |
| VIPRE Antivirus | Threat.4150696 | 39676 |
| Zillya! Antivirus | Downloader.Adload.Win32.19234 | 2.0.0.2164 |

File size:
704.2 KB (721,104 bytes)

Product version:
6.3.7602.2124

Copyright:
BaiSix.com

Original file name:
BaiSix.exe

Language:
English (United Kingdom)

Common path:
C:\users\{user}\appdata\local\temp\awhe66c.tmp

File PE Metadata

Compilation timestamp:
4/2/2015 11:22:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:o7b5VIL4YwyVFJL9qVTvkqcDzcvEghPcTOCa5NqO/cNC5gUCZuTdp4V5:ov7epqt8qcDovfRcnO/cfZuT34V5

Entry address:
0x3DFE3

Entry point:
E8, 20, CA, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, 3C, F5, 30, DB, 49, 00, 00, 75, 13, 56, E8, 71, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 11, E8, 01, 4C, 00, 00, 59, FF, 34, F5, 30, DB, 49, 00, FF, 15, B0, F1, 47, 00, 5E, 5D, C3, 56, 57, BE, 30, DB, 49, 00, 8B, FE, 53, 8B, 1F, 85, DB, 74, 17, 83, 7F, 04, 01, 74, 11, 53, FF, 15, B8, F1, 47, 00, 53, E8, CF, A8, FF, FF, 83, 27, 00, 59, 83, C7, 08, 81, FF, 50, DC, 49, 00, 7C, D8, 5B, 83, 3E, 00, 74, 0E, 83, 7E, 04, 01, 75, 08, FF, 36, FF, 15...
Entropy:
6.3279

Code size:
501 KB (513,024 bytes)