home

behelper.exe

Cloud Installer

The application behelper.exe by Cloud Installer has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Browser Extensions by Spigot, Inc. which is a potentially unwanted software program.
Publisher:
Cloud Installer  (signed and verified)

MD5:
5b169131f9698b4da04fc76e75373ce5

SHA-1:
aec72f0e03e917c02ede375b6c2f614c61b0f330

SHA-256:
d46a45696069196830c74f5db6e210df37db82e23964fc5f323e9488a2416465

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/28/2024 2:41:02 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Softpulse (M)
16.11.27.13

File size:
1.1 MB (1,161,472 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\browserextensions\behelper.exe

Digital Signature
Signed by:
Cloud Installer

Authority:
GoDaddy.com, Inc.

Valid from:
3/10/2016 4:55:38 PM

Valid to:
3/8/2017 9:16:38 AM

Subject:
CN=Cloud Installer, O=Cloud Installer, L=Incline Village, S=Nevada, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
59F80236730E4539

File PE Metadata
Compilation timestamp:
6/9/2016 9:45:45 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:+jx1LHyuFV+601ZCW+R97+DSxsWH40vybnttlx7TnZ8IOrIJRq9TPuUTVKCTRQj:0x1ryuFV+601ZCn/+DSxsWY0GH7TnZfP

Entry address:
0xA3B9B

Entry point:
E8, D3, C3, 00, 00, E9, A5, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 26, 04, 00, 00, 3B, 0D, 04, 33, 4F, 00, 75, 02, F3, C3, E9, 4A, C4, 00, 00, 8B, FF, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, B1, 10, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 93, 06, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, 8C, 10, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 8D, 34, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D...
 
[+]

Entropy:
6.6110

Code size:
807 KB (826,368 bytes)

The file behelper.exe has been discovered within the following program.

Browser Extensions  by Spigot, Inc.
Publisher's description - “The toolbar communicates with our servers from time to time to check for available software updates such as bug fixes, patches, enhanced functions and new versions. By installing the toolbar, you agree to automatically request and receive updates.”
www.spigot.com
66% remove it
 
Powered by Should I Remove It?

Remove behelper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.