befcbiacfc.exe

JUsT ACcePT

befcbiacfc.exe is part of the OutBrowse Revenyou installer, which bundles offers for additional third-party applications that may be unwanted and installed without consent. The file, published by JUsT ACcePT, has been detected as adware by 1 anti-malware scanner, with very strong indications that it is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
JUsT ACcePT  (signed and verified)

MD5:
ec98bc1516948a9c5b22f82931566d40

SHA-1:
d0f1ac925b2b97a1aef296574aafa3c892956c74

SHA-256:
94f33246df94e5b187f957b993c72e964fd9bfb6657fbad6e659b38f3823dc35

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 3:17:41 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Outbrowse (M)

Engine version:
16.11.27.14

File size:
469.5 KB (480,800 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\befcbiacfc.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
12/14/2015 3:30:00 AM

Valid to:
12/17/2016 3:29:59 AM

Subject:
CN=JUsT ACcePT, O=JUsT ACcePT, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
449DAF5C6837CFF74021FA1904B54376

File PE Metadata
Compilation timestamp:
1/7/2016 6:52:20 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
6144:72FmvqIBrti1inh4FZly0j5LcV1idDtMSOvQgjcC3fLOHNAnHLLsPdrnOofHsnDD:7GeRtiQ4Z1lcVYRqlv7YOfLOtr0GV2j

Entry address:
0x35992

Entry point:
E8, 71, B6, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 57, C6, 45, FF, 00, 8B, 7B, 08, 8D, 73, 10, 33, 3D, C0, E2, 46, 00, C7, 45, F4, 01, 00, 00, 00, 8B, 07, 83, F8, FE, 74, 0D, 8B, 4F, 04, 03, CE, 33, 0C, 30, E8, 6D, A8, FF, FF, 8B, 47, 08, 8B, 4F, 0C, 03, CE, 33, 0C, 30, E8, 5D, A8, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, CF, 00, 00, 00, 89, 45, E8, 8B, 45, 10, 89, 45, EC, 8D, 45, E8, 89, 43, FC, 8B, 43, 0C, 89, 45, F8, 83, F8, FE, 0F, 84, ED, 00, 00, 00...
 

Entropy:
6.4189

Code size:
329 KB (336,896 bytes)
