desktopeditorsetup.exe

Crawler Desktop Editor Toolbar

Crawler, LLC

The application desktopeditorsetup.exe, “Crawler Desktop Editor Toolbar Setup ” by Crawler has been detected as a potentially unwanted program by 5 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.screensavermaster.com.
Publisher:
Crawler.com, LLC   (signed by Crawler, LLC)

Product:
Crawler Desktop Editor Toolbar

Description:
Crawler Desktop Editor Toolbar Setup

Version:
6.0.0.34

MD5:
343ce6b80000f997d6861b027d749d9e

SHA-1:
c59a174e6f0bcad805aa51f24af4c030aa795ef1

SHA-256:
dadac42037e51b31fd93ef4b861325c94979354db0239b28085057ce5cce72e9

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 1:01:15 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Adware.PCFixSpeed
0.98/19246

Dr.Web
riskware program Program.Unwanted.33
9.0.1.040

ESET NOD32
Win32/Toolbar.Crawler.B potentially unwanted application
10.7.0.302.0

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
14.0.0.690

Reason Heuristics
PUP.Crawler.Installer
16.2.9.0

File size:
1.8 MB (1,928,936 bytes)

Product version:
6.0.0.34

Copyright:
copyright © Crawler.com, LLC

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\desktopeditorsetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/9/2010 6:00:00 PM

Valid to:
12/11/2013 5:59:59 PM

Subject:
CN="Crawler, LLC", OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Crawler, LLC", L=Boca Raton, S=Florida, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1535EDA3C8F2FED30D4497572760F240

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:vhLQtIrHSySp+jBy4SyP4DA/N8R2AqebA5rOYiZnC:Pi+jQ3A/ighebSivZnC

Entry address:
0xC1C0

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, C8, C0, 40, 00, E8, 60, 86, FF, FF, 33, C0, 55, 68, 85, C8, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 41, C8, 40, 00, 64, FF, 32, 64, 89, 22, A1, 60, E6, 40, 00, E8, 5E, FD, FF, FF, E8, C9, F8, FF, FF, 8D, 55, EC, 33, C0, E8, 93, CA, FF, FF, 8B, 55, EC, B8, 8C, F0, 40, 00, E8, 0A, 77, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 8C, F0, 40, 00, B2, 01...
 
[+]

Entropy:
7.9906

Developed / compiled with:
Microsoft Visual C++

Code size:
46.5 KB (47,616 bytes)

The file desktopeditorsetup.exe has been seen being distributed by the following URL.

Remove desktopeditorsetup.exe - Powered by Reason Core Security