deactivatebrowsers.exe

Security Stronghold LLC

The application deactivatebrowsers.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Security Stronghold LLC  (signed and verified)

MD5:
6ddeaf6f777bd0d634173d249f9ea3b9

SHA-1:
cceec3b047c6f8fa5580b845576fc67156b09977

SHA-256:
149e50bec3afea8156dd0b914df435bb76cd115e6ebd3770ed902eac9ce15ef7

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 6:33:39 PM UTC

Scan engine:
Reason Heuristics

Detection:
Win32.Generic

Engine version:
16.3.6.9

File size:
1.4 MB (1,494,968 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
10/10/2011 3:49:57 AM

Valid to:
10/10/2012 3:49:57 AM

Subject:
E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, S=Astrakhan region, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112178C42A18008AB27616B3F5140692C337

File PE Metadata
Compilation timestamp:
4/5/2012 5:40:25 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:Oea6ZRvX6/8FJZ+enRJyHCxS27dQdiFlNYzcHlA2S2mndIKxQXu:OOZhTnLxSKlNYAHlA2Stnddx3

Entry address:
0x106964

Entry point:
55, 8B, EC, 83, C4, F0, B8, 70, D4, 4F, 00, E8, CC, 3B, F0, FF, A1, B0, DE, 51, 00, 8B, 00, E8, 5C, 4B, FF, FF, E8, 97, FD, EF, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.3810

Developed / compiled with:
Microsoft Visual C++

Code size:
1 MB (1,070,592 bytes)
