d176f0cf-bb89-4545-9d35-1bb35f546ec0.exe
Smart Applications
Part of the Yontoo adware component, a web browser plugin that injects unwanted ads in the browser. The application d176f0cf-bb89-4545-9d35-1bb35f546ec0.exe by Smart Applications has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
File name:
d176f0cf-bb89-4545-9d35-1bb35f546ec0.exe
MD5:
671319e0290cc1433e69cd022eb0e2d2
SHA-1:
a28441ba12d688422637ef25fb1583336354e439
SHA-256:
3c478b9fc08c00731c3b318fbfd882106bb8b42659ce35ae09a64210268bb92f
Scanner detections:
1 / 68
Explanation:
Belongs to the Sambreel/Yontoo program, which inserts various forms of advertising in the user's web browser and is installed with minimal or no user consent.
Analysis date:
11/27/2024 3:39:28 AM UTC (today)
Scan engine:
Reason Heuristics
Detection:
PUP.Yontoo (M)
Engine version:
16.8.6.18
File size:
32.4 MB (33,963,392 bytes)
File type:
Executable application (Win32 EXE)
Common path:
C:\windows\temp\d176f0cf-bb89-4545-9d35-1bb35f546ec0.exe
Valid from:
11/14/2014 8:00:00 AM
Valid to:
11/15/2015 7:59:59 AM
Subject:
CN=Smart Applications, O=Smart Applications, L=St. James, S=St. James, C=BB
Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Serial number:
4CF1C880A6746C7D0CDCB1393793A057
Compilation timestamp:
4/1/2015 11:49:09 PM
CTPH (ssdeep):
786432:22pYIvA0d6JvoxSxkohjlpmMGbSKDjdFv4Ab2OEJk:2TI5Lbohjb8b/jzcOC
Entropy:
7.9732 (probably packed)
Code size:
60.5 KB (61,952 bytes)