home

BaiSix.exe

3583_amt_oursurfing

BaiSix

The file BaiSix.exe has been detected as a potentially unwanted program by 16 anti-malware scanners.
Publisher:
BaiSix

Product:
3583_amt_oursurfing

Description:
BaiSix

Version:
6.3.7602.2124

MD5:
da4893a11a354c049385e3c70301274e

SHA-1:
f1c951c59a60e7318fb98fc06f96db51d6fa3822

SHA-256:
1416362440680dd9db1535976e8ae7ca279020ccf92e3f300b8b6f1e407f9e95

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 8:58:35 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Application.Generic.1261596
642

Agnitum Outpost
PUA.Downloader
7.1.1

AhnLab V3 Security
PUP/Win32.LuckySearches
2015.05.04

Bitdefender
Application.Generic.1261596
1.0.20.615

Emsisoft Anti-Malware
Application.Generic.1261596
8.15.05.03.10

ESET NOD32
Win32/LiMo.C potentially unwanted application
7.0.302.0

F-Secure
Riskware.Application.Generic.1261596
11.2015-03-05_1

G Data
Application.Generic.1261596
15.5.25

herdProtect (fuzzy)
variant of awhe66c.tmp
2015.8.2.1

K7 AntiVirus
Adware
13.203.15786

MicroWorld eScan
Application.Generic.1261596
16.0.0.369

NANO AntiVirus
Riskware.Win32.Mutabaha.dqesbj
0.30.24.1357

Reason Heuristics
Threat.Win.Reputation.IMP
15.5.3.18

Sophos
PUA 'Elex' (of type Adware)
5.13

VIPRE Antivirus
Threat.4150696
39676

Zillya! Antivirus
Downloader.Adload.Win32.19234
2.0.0.2164

File size:
704.3 KB (721,189 bytes)

Product version:
6.3.7602.2124

Copyright:
BaiSix.com

Original file name:
BaiSix.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\awh5ff4.tmp

File PE Metadata
Compilation timestamp:
4/2/2015 11:22:54 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:o7b5VIL4YwyVFJL9qVTvkqcDzcvEghPcTOCa5NqO/cNC5gUCZuTdp4VM:ov7epqt8qcDovfRcnO/cfZuT34VM

Entry address:
0x3DFE3

Entry point:
E8, 20, CA, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 83, 3C, F5, 30, DB, 49, 00, 00, 75, 13, 56, E8, 71, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 11, E8, 01, 4C, 00, 00, 59, FF, 34, F5, 30, DB, 49, 00, FF, 15, B0, F1, 47, 00, 5E, 5D, C3, 56, 57, BE, 30, DB, 49, 00, 8B, FE, 53, 8B, 1F, 85, DB, 74, 17, 83, 7F, 04, 01, 74, 11, 53, FF, 15, B8, F1, 47, 00, 53, E8, CF, A8, FF, FF, 83, 27, 00, 59, 83, C7, 08, 81, FF, 50, DC, 49, 00, 7C, D8, 5B, 83, 3E, 00, 74, 0E, 83, 7E, 04, 01, 75, 08, FF, 36, FF, 15...
 
[+]

Code size:
501 KB (513,024 bytes)

Remove BaiSix.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.