BrowserWeb.exe

BrowserWeb

Softforce LLC

This is the Softpulse installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application BrowserWeb.exe by Softforce has been detected as adware by 17 anti-malware scanners. The program is a setup application that uses the Softpulse SoftwareBundler installer. This file is typically installed with the program MixVideoPlayer by SoftForce LLC. While running, it connects to the Internet address server-52-84-63-131.ord51.r.cloudfront.net on port 80 using the HTTP protocol.
Publisher:
Softforce LLC  (signed and verified)

Product:
BrowserWeb

Version:
1.0.0.17

MD5:
718a81626b1de6eaec4bd2ae10a83f13

SHA-1:
260281c36e8e99eafaee6f6ac79f5e6429023e5e

SHA-256:
fd880558ada8851cfecdfe983058dcb4aea97202e025693dc55769e5f8042b59

Scanner detections:
17 / 68

Status:
Adware

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/25/2024 4:06:41 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Bawswerps.1
569

Avira AntiVirus
ADWARE/Bawswerps.116736.1
8.3.1.6

Arcabit
Trojan.Adware.Bawswerps.1
1.0.0.425

avast!
MSIL:Adware-N [Adw]
2014.9-150715

AVG
Generic
2016.0.3047

Baidu Antivirus
PUA.Win32.SoftPulse
4.0.3.15715

Bitdefender
Gen:Variant.Adware.Bawswerps.1
1.0.20.980

Dr.Web
Trojan.Domaiq.325
9.0.1.0196

Emsisoft Anti-Malware
Gen:Variant.Adware.Bawswerps
8.15.07.15.06

ESET NOD32
MSIL/NewPlayer.D potentially unwanted (variant)
9.11941

F-Secure
Gen:Variant.Adware.Bawswerps
11.2015-15-07_4

G Data
Gen:Variant.Adware.Bawswerps
15.7.25

K7 AntiVirus
Adware
13.206.16564

Microsoft Security Essentials
Adware:MSIL/Bawswerps
1.1.11804.0

MicroWorld eScan
Gen:Variant.Adware.Bawswerps.1
16.0.0.588

Panda Antivirus
PUP/Multitoolbar
15.07.15.06

Reason Heuristics
PUP.Softpulse.Softforce.Bundler (M)
15.7.15.18

File size:
119.7 KB (122,536 bytes)

Product version:
1.0.0.17

Copyright:
Copyright © 2015

Original file name:
BrowserWeb.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
Softpulse SoftwareBundler

Common path:
C:\Program Files\mixvideoplayer\browserweb.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
12/18/2014 3:00:00 AM

Valid to:
12/19/2015 2:59:59 AM

Subject:
CN=Softforce LLC, O=Softforce LLC, L=Wilmington, S=Delaware, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
39EFBC248CD996B345705A5A0ED70147

File PE Metadata
Compilation timestamp:
7/14/2015 1:11:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:XoEQlHHHHHHHHHHHHFHHHHHHHHHHHHHHHHEGoEQlHHHHHHHHHHHHFHHHHHHHHHHN:sHHHHHHHHHHHHFHHHHHHHHHHHHHHHHg3

Entry address:
0x1CD6E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0629

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
107.5 KB (110,080 bytes)

The file BrowserWeb.exe has been discovered within the following programs.

MixVideoPlayer  by SoftForce LLC
About 2% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to server-52-85-133-170.iad53.r.cloudfront.net  (52.85.133.170:80)

TCP (HTTP):
Connects to ec2-54-187-119-69.us-west-2.compute.amazonaws.com  (54.187.119.69:80)

TCP (HTTP):
Connects to ec2-52-26-110-152.us-west-2.compute.amazonaws.com  (52.26.110.152:80)

TCP (HTTP):
Connects to server-54-230-81-246.mia50.r.cloudfront.net  (54.230.81.246:80)

TCP (HTTP):
Connects to server-54-230-5-21.dfw3.r.cloudfront.net  (54.230.5.21:80)

TCP (HTTP):
Connects to server-54-230-163-143.jax1.r.cloudfront.net  (54.230.163.143:80)

TCP (HTTP):
Connects to server-52-85-94-154.jfk5.r.cloudfront.net  (52.85.94.154:80)

TCP (HTTP):
Connects to server-52-85-63-84.lhr50.r.cloudfront.net  (52.85.63.84:80)

TCP (HTTP):
Connects to server-52-85-221-209.cdg50.r.cloudfront.net  (52.85.221.209:80)

TCP (HTTP):
Connects to server-52-84-63-52.ord51.r.cloudfront.net  (52.84.63.52:80)

TCP (HTTP):
Connects to server-52-84-63-131.ord51.r.cloudfront.net  (52.84.63.131:80)

TCP (HTTP):
Connects to server-52-84-126-183.iad16.r.cloudfront.net  (52.84.126.183:80)

TCP (HTTP):
Connects to 201-048-053-045.static.ctbc.com.br  (201.48.53.45:80)

Remove BrowserWeb.exe - Powered by Reason Core Security