browserlnk.exe

扩展程序 ("Extension")

The executable browserlnk.exe has been detected as malware by 20 anti-virus scanners. The file has been seen being downloaded from box64ad.uuuo.com and multiple other hosts.
Publisher:
扩展程序 ("Extension")

Product:
扩展程序 ("Extension")

Version:
1.0.1.4

MD5:
c3bb9da5a9401a598441bdfa95cc39f2

SHA-1:
5c18d3c228c402913933b987da70ecf3e9a8339b

SHA-256:
0d5cec0dc501c4402b1d5f2347e90db138d718d7663c2f6e37ca645bd3eba6f3

Scanner detections:
20 / 68

Status:
Malware

Analysis date:
12/27/2024 3:52:38 AM UTC  (today)

Scan engine             Detection                           Engine version
Lavasoft Ad-Aware       Trojan.Generic.13282669             592
Agnitum Outpost         Trojan.Fakealert                    7.1.1
Avira AntiVirus         TR/Agent.561152.637                 8.3.1.6
Arcabit                 Trojan.Generic.DCAAD6D              1.0.0.425
avast!                  Win32:Malware-gen                   2014.9-150623
Bitdefender             Trojan.Generic.13282669             1.0.20.870
Dr.Web                  Trojan.Fakealert.48610              9.0.1.0174
Emsisoft Anti-Malware   Trojan.Generic.13282669             8.15.06.23.03
F-Secure                Trojan.Generic.13282669             11.2015-23-06_3
G Data                  Trojan.Generic.13282669             15.6.25
IKARUS anti.virus       Trojan.SuspectCRC                   t3scan.1.9.5.0
McAfee                  Artemis!C3BB9DA5A940                5600.6726
MicroWorld eScan        Trojan.Generic.13282669             16.0.0.522
nProtect                Trojan.Generic.13282669             15.06.12.01
Panda Antivirus         Trj/CI.A                            15.06.23.03
Trend Micro House Call  TROJ_GEN.R01ZC0OEE15                7.2.174
Trend Micro             TROJ_GEN.R01ZC0OEE15                10.465.23
VIPRE Antivirus         Trojan.Win32.Generic                41112
ViRobot                 Trojan.Win32.S.Agent.561152.JZ[h]   2014.3.20.0
Zillya! Antivirus       Trojan.FakeAV.Win32.314304          2.0.0.2222

File size:
548 KB (561,152 bytes)

Product version:
1.0.1.4

Copyright:
2014 (C) 扩展程序. All rights reserved.

Original file name:
openlnk.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\youxun\browserlnk.exe

File PE Metadata
Compilation timestamp:
3/26/2015 5:33:57 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:+HiVgpen2Ys7zWjMCKxaiPnW/0cfByu34oN579l5iLOjKDKFi:KDW9KciPvyyu34otlKOK

Entry address:
0x33E31

Entry point:
E8, 69, 71, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, 80, 39, 46, 00, 75, 02, F3, C3, E9, EB, 71, 00, 00, 8B, FF, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, 78, 1C, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, D9, 16, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, 53, 1C, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 12, 12, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 20, 56, 33...
 

Entropy:
6.7027

Code size:
313.5 KB (321,024 bytes)

The file browserlnk.exe has been seen being distributed by the following 2 URLs.
