browser.exe

speed browser

Smart Applications

The application browser.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. While running, it connects to the Internet address edge-z-m-mini-shv-01-gru2.facebook.com on port 443.
Publisher:
Smart Applications

Product:
speed browser

Version:
40.0.2214.45

MD5:
c2d6edceb2093794995544c8a535d89f

SHA-1:
d3f805cf42e92ff1e89e0e1cd2f167b9eae11cb5

SHA-256:
decf2fdc4fe82c6ee62a1c3a75129c0ddc649cc5fa630ef583b0b1247ddeac79

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/24/2024 7:02:53 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SmartApplications.Meta (M)
15.6.29.1

File size:
782.5 KB (801,280 bytes)

Product version:
40.0.2214.45

Copyright:
Copyright 2014 Smart Applications. All rights reserved.

Original file name:
browser.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\speed browser\application\browser.exe

File PE Metadata
Compilation timestamp:
4/1/2015 4:48:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:Dh7yW3AysxvjN/o3UV16yjQKfF82Z7LUfCT+xHe+Kp9jkEsKZv+L0ZrYHScjjRWC:Dh7AjVQyixHe99cKZZZcjRBDs

Entry address:
0x43808

Entry point:
E8, C8, CD, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 08, 8B, 4C, 24, 10, 0B, C8, 8B, 4C, 24, 0C, 75, 09, 8B, 44, 24, 04, F7, E1, C2, 10, 00, 53, F7, E1, 8B, D8, 8B, 44, 24, 08, F7, 64, 24, 14, 03, D8, 8B, 44, 24, 08, F7, E1, 03, D3, 5B, C2, 10, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74...
 
[+]

Entropy:
6.3932

Code size:
382 KB (391,168 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to r2.ycpi.vip.tw1.yahoo.net  (203.84.197.25:443)

TCP (HTTP SSL):
Connects to pr.comet.vip.sg3.yahoo.com  (106.10.200.161:443)

TCP (HTTP SSL):
Connects to edge-star-shv-01-sin6.facebook.com  (157.240.7.20:443)

TCP (HTTP SSL):
Connects to edge-star-mini-shv-01-sin6.facebook.com  (157.240.7.35:443)

TCP (HTTP SSL):
Connects to a23-72-44-66.deploy.static.akamaitechnologies.com  (23.72.44.66:443)

TCP (HTTP):
Connects to ec2-52-17-158-153.eu-west-1.compute.amazonaws.com  (52.17.158.153:80)

TCP (HTTP SSL):
Connects to r2.ycpi.vip.gq1.yahoo.net  (208.71.44.31:443)

TCP (HTTP SSL):
Connects to edge-z-m-mini-shv-01-sin6.facebook.com  (157.240.7.36:443)

TCP (HTTP):
Connects to ec2-52-209-20-4.eu-west-1.compute.amazonaws.com  (52.209.20.4:80)

TCP (HTTP SSL):
Connects to server-54-192-55-175.jfk6.r.cloudfront.net  (54.192.55.175:443)

TCP (HTTP SSL):
Connects to server-54-192-55-133.jfk6.r.cloudfront.net  (54.192.55.133:443)

TCP (HTTP):
Connects to origin.bl180w.blu180.mail.live.com  (65.55.118.92:80)

TCP (HTTP):
Connects to ec2-54-171-43-206.eu-west-1.compute.amazonaws.com  (54.171.43.206:80)

TCP (HTTP SSL):
Connects to a104-64-70-85.deploy.static.akamaitechnologies.com  (104.64.70.85:443)

TCP (HTTP SSL):
Connects to 58.32.199.65.philadelphia.google-ggc.verizon.com  (65.199.32.58:443)

TCP (HTTP SSL):
Connects to server-54-192-188-222.maa3.r.cloudfront.net  (54.192.188.222:443)

TCP (HTTP SSL):
Connects to edge-star-shv-01-gru2.facebook.com  (31.13.85.8:443)

TCP (HTTP SSL):
Connects to edge-star-mini-shv-01-gru2.facebook.com  (31.13.85.36:443)

TCP (HTTP):
Connects to ec2-54-246-181-97.eu-west-1.compute.amazonaws.com  (54.246.181.97:80)

TCP (HTTP SSL):
Connects to 191.32.29.81.static.adsl.gvt.net.br  (191.32.29.81:443)

Remove browser.exe - Powered by Reason Core Security