» browserlnk.exe
Overview
Analysis
File Details
Downloads (2)

browserlnk.exe

扩展程序

The executable browserlnk.exe has been detected as malware by 20 anti-virus scanners. The file has been seen being downloaded from box64ad.uuuo.com and multiple other hosts.

File name:

browserlnk.exe

Publisher:

扩展程序

Product:

扩展程序

Version:

1.0.1.4

MD5:

c3bb9da5a9401a598441bdfa95cc39f2

SHA-1:

5c18d3c228c402913933b987da70ecf3e9a8339b

SHA-256:

0d5cec0dc501c4402b1d5f2347e90db138d718d7663c2f6e37ca645bd3eba6f3

Scanner detections:

20 / 68

Status:

Malware

Analysis date:

11/6/2024 12:54:56 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.13282669

592

Agnitum Outpost

Trojan.Fakealert

7.1.1

Avira AntiVirus

TR/Agent.561152.637

8.3.1.6

Arcabit

Trojan.Generic.DCAAD6D

1.0.0.425

avast!

Win32:Malware-gen

2014.9-150623

Bitdefender

Trojan.Generic.13282669

1.0.20.870

Dr.Web

Trojan.Fakealert.48610

9.0.1.0174

Emsisoft Anti-Malware

Trojan.Generic.13282669

8.15.06.23.03

F-Secure

Trojan.Generic.13282669

11.2015-23-06_3

G Data

Trojan.Generic.13282669

15.6.25

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.1.9.5.0

McAfee

Artemis!C3BB9DA5A940

5600.6726

MicroWorld eScan

Trojan.Generic.13282669

16.0.0.522

nProtect

Trojan.Generic.13282669

15.06.12.01

Panda Antivirus

Trj/CI.A

15.06.23.03

Trend Micro House Call

TROJ_GEN.R01ZC0OEE15

7.2.174

Trend Micro

TROJ_GEN.R01ZC0OEE15

10.465.23

VIPRE Antivirus

Trojan.Win32.Generic

41112

ViRobot

Trojan.Win32.S.Agent.561152.JZ[h]

2014.3.20.0

Zillya! Antivirus

Trojan.FakeAV.Win32.314304

2.0.0.2222

File size:

548 KB (561,152 bytes)

Product version:

1.0.1.4

Original file name:

openlnk.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\youxun\browserlnk.exe

File PE Metadata

Compilation timestamp:

3/26/2015 5:33:57 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:+HiVgpen2Ys7zWjMCKxaiPnW/0cfByu34oN579l5iLOjKDKFi:KDW9KciPvyyu34otlKOK

Entry address:

0x33E31

Entry point:

E8, 69, 71, 00, 00, E9, 79, FE, FF, FF, 3B, 0D, 80, 39, 46, 00, 75, 02, F3, C3, E9, EB, 71, 00, 00, 8B, FF, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, 78, 1C, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, D9, 16, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, 53, 1C, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 12, 12, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 20, 56, 33... 
[+]

Entropy:

6.7027

Code size:

313.5 KB (321,024 bytes)

The file browserlnk.exe has been seen being distributed by the following 2 URLs.

http://box64ad.uuuo.com/yxh/install/.../exservice.exe

http://setupadsfile.yxdown.com/BrowserLnk.exe

Remove browserlnk.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.