bedjihhgjc.exe

Click YES

This file is part of the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application bedjihhgjc.exe by Click YES has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Click YES  (signed and verified)

Version:
2015.818.60.64

MD5:
a4a8153636244551933dfbb475e9efcd

SHA-1:
6075102d909a77de85284ef5c62055f9eeb7fa30

SHA-256:
853e653e4595dbb101488b00a1a961e75536e1ad9b7b35bc33a13ee26e801c78

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
2/25/2025 7:59:18 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse (M)

Engine version:
17.3.14.20

File size:
1 MB (1,077,784 bytes)

Product version:
2015.818.60.64

Copyright:
x

Original file name:
20158186064.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\bedjihhgjc.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
6/29/2015 5:00:00 PM

Valid to:
12/10/2015 3:59:59 PM

Subject:
CN=Click YES, O=Click YES, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
6D7167A4248B7261AA96D468CCA96867

File PE Metadata
Compilation timestamp:
8/17/2015 11:02:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0xB3680

Entry point:
E8, 85, AD, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, E0, 07, 4D, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 68, 00, 4D, 00, C9, C2, 08, 00, B8, 4F, EF, 4B, 00, A3, 88, CF, 4E, 00, C7, 05, 8C, CF, 4E, 00, 45, E6, 4B, 00, C7, 05, 90, CF, 4E, 00, F9, E5, 4B, 00, C7, 05, 94, CF, 4E, 00, 32, E6, 4B, 00, C7, 05...
 

Entropy:
6.7563

Code size:
828 KB (847,872 bytes)
