beeiebddci.exe

dirEct downloAD gtt

This file is part of the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The application beeiebddci.exe by dirEct downloAD gtt has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
dirEct downloAD gtt  (signed and verified)

MD5:
251b00aa9dd099a57921eda6169e5bb1

SHA-1:
257dff61b1ff8d1691d49bf06cd676a1ec775cfa

SHA-256:
0c386071c839a58f6577b1e149c736c58c11dc30f7572e8f268f46e7bbe53c00

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 8:14:03 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse (M)

Engine version:
17.2.28.10

File size:
538 KB (550,960 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\beeiebddci.exe

Digital Signature
Authority:
thawte, Inc.

Valid from:
11/15/2015 7:00:00 PM

Valid to:
1/27/2016 6:59:59 PM

Subject:
CN=dirEct downloAD gtt, O=dirEct downloAD gtt, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
7342EAF858BF782F04515916D1671EC3

File PE Metadata
Compilation timestamp:
11/24/2015 8:01:19 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x48E58

Entry point:
E8, DB, B5, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 57, C6, 45, FF, 00, 8B, 7B, 08, 8D, 73, 10, 33, 3D, C0, E2, 47, 00, C7, 45, F4, 01, 00, 00, 00, 8B, 07, 83, F8, FE, 74, 0D, 8B, 4F, 04, 03, CE, 33, 0C, 30, E8, 86, AF, FF, FF, 8B, 47, 08, 8B, 4F, 0C, 03, CE, 33, 0C, 30, E8, 76, AF, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, CF, 00, 00, 00, 89, 45, E8, 8B, 45, 10, 89, 45, EC, 8D, 45, E8, 89, 43, FC, 8B, 43, 0C, 89, 45...
 

Entropy:
6.3974

Code size:
409 KB (418,816 bytes)
