COD.exe

COD

TMRG, Inc.

The component is part of the TMRG platform which will track various behaviors of web browsing habits including tracking sites and domains visited as well as ads clicked. The application COD.exe by TMRG has been detected as adware by 2 anti-malware scanners. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
comScore, Inc.  (signed by TMRG, Inc.)

Product:
COD

Version:
1.0.0.0

MD5:
ad4402b2923789dc6ba31051c89f97e7

SHA-1:
592094870e5a2006f0bb75e5915511efb641b325

SHA-256:
6627a4b4b01f0831a8e5add88beb0f5ccbba03a1cf0d802fabfc129896655503

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
11/22/2024 4:27:17 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TMRG.D
14.8.7.22

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
18744

File size:
15.2 KB (15,600 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © comScore, Inc. 2011

Original file name:
COD.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\apps\2.0\ke4plqeh.w47\g3db5x7g.206\cod...tion_455f1ea75a463835_0001.0000_ac002721c4edc983\cod.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
10/16/2012 8:00:00 PM

Valid to:
10/5/2015 7:59:59 PM

Subject:
CN="TMRG, Inc.", O="TMRG, Inc.", L=Reston, S=Virginia, C=US, SERIALNUMBER=3910738, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
308DC75DC34A54E295C9F7B86685BE76

File PE Metadata
Compilation timestamp:
11/7/2012 4:56:10 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:n9bma1EZ92ggXjaOn92ubhsA3mirILBd1Lm0qZ6QRB:5maGZ92COn92CsjIILL1y066K

Entry address:
0x3BFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0949

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
7.5 KB (7,680 bytes)

Remove COD.exe - Powered by Reason Core Security