browser.exe

speed browser

Fast Applications

The application browser.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. While running, it connects to the Internet address 6.97.a86c.ip4.static.sl-reverse.com on port 443.
Publisher:
Fast Applications

Product:
speed browser

Version:
48.0.2564.97

MD5:
b8926214cc9b3fd2393ee305247d7465

SHA-1:
bcb671ca556da53f6baa38ea49a3156050ba4ddc

SHA-256:
5fe6861d23690ab404c50372997c667c3faacde2d5972e086d87414cc91d5e40

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 12:57:05 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.FastApplications.Meta (M)
16.2.5.2

File size:
754.5 KB (772,608 bytes)

Product version:
48.0.2564.97

Copyright:
Copyright 2015 Fast Applications. All rights reserved.

Original file name:
browser.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\speed browser\application\browser.exe

File PE Metadata
Compilation timestamp:
2/3/2016 4:43:25 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:LaE0At7nDvofBgHHFeZVZCjJCPyF92nMZMQbkQJd7lkFpJ4T3soTycrzNHPiKh1N:LaEx7BHHFeZzeMQbkQJd7lIJ4T3soTyE

Entry address:
0x4B71A

Entry point:
E8, 78, B2, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B, D8, 8B, 4C, 24, 18, 8B, 54, 24, 14, 8B, 44, 24, 10, D1, EB, D1...
 
[+]

Entropy:
6.4292

Code size:
410 KB (419,840 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to rtas-22.btrll.com  (185.62.216.162:80)

TCP (HTTP SSL):
Connects to a92-122-46-166.deploy.akamaitechnologies.com  (92.122.46.166:443)

TCP (HTTP):
Connects to a23-214-126-65.deploy.static.akamaitechnologies.com  (23.214.126.65:80)

TCP (HTTP):
Connects to a23-214-126-58.deploy.static.akamaitechnologies.com  (23.214.126.58:80)

TCP (HTTP SSL):
Connects to a23-12-36-193.deploy.static.akamaitechnologies.com  (23.12.36.193:443)

TCP (HTTP SSL):
Connects to 65.254.178.107.bc.googleusercontent.com  (107.178.254.65:443)

TCP (HTTP SSL):
Connects to 6.97.a86c.ip4.static.sl-reverse.com  (108.168.151.6:443)

TCP (HTTP):
Connects to ec2-54-246-181-97.eu-west-1.compute.amazonaws.com  (54.246.181.97:80)

TCP (HTTP SSL):
Connects to https-208-111-183-35.yyz.llnw.net  (208.111.183.35:443)

TCP (HTTP SSL):
Connects to a1.ue.vip.ne1.yahoo.net  (98.138.4.253:443)

TCP (HTTP SSL):
Connects to e2.ycpi.vip.nya.yahoo.com  (69.147.82.61:443)

TCP (HTTP SSL):
Connects to dh-in-f104.1e100.net  (209.85.203.104:443)

TCP (HTTP):
Connects to a-0001.a-msedge.net  (204.79.197.200:80)

TCP (HTTP SSL):
Connects to ec2-54-164-232-98.compute-1.amazonaws.com  (54.164.232.98:443)

TCP (HTTP SSL):
Connects to dmppixel-shared-mtc-c.evip.aol.com  (64.12.245.38:443)

TCP (HTTP):
Connects to any-in-2015.1e100.net  (216.239.32.21:80)

TCP (HTTP SSL):
Connects to a95-101-109-125.deploy.akamaitechnologies.com  (95.101.109.125:443)

TCP (HTTP SSL):
Connects to a88-221-238-26.deploy.akamaitechnologies.com  (88.221.238.26:443)

TCP (HTTP SSL):
Connects to a23-214-73-209.deploy.static.akamaitechnologies.com  (23.214.73.209:443)

TCP (HTTP SSL):
Connects to a23-214-208-170.deploy.static.akamaitechnologies.com  (23.214.208.170:443)

Remove browser.exe - Powered by Reason Core Security