home

dl159.exe

Search Results, LLC

The application dl159.exe by Search Results has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Search Results, LLC  (signed and verified)

MD5:
c5834254112c4dfdadf75adc5a8e6742

SHA-1:
e84dd7fb994dea94abfa695b37239e0c31a7c4a7

SHA-256:
d9616efd1088640a9e95692f842a4016477fe6e2617f307c312914a5d6cf86f1

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 2:38:12 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.31.1

File size:
753.6 KB (771,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\defaulttab\defaulttab\dl159.exe

Digital Signature
Signed by:
Search Results, LLC

Authority:
COMODO CA Limited

Valid from:
5/2/2014 2:00:00 AM

Valid to:
5/2/2017 1:59:59 AM

Subject:
CN="Search Results, LLC", O="Search Results, LLC", STREET="2751 Hennepin Ave S #252", L=Minneapolis, S=MN, PostalCode=55405, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
64CA9F4A3D9A5E89553273D5E484CBE9

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:4yzBCBbJJf/dcFLJ2NQrpEDyFhTxxXc67Pcl3cFMtVTYQ1Uh0:3BmreLJBKDsTMoPclsOrEUg0

Entry address:
0x6A27C

Code size:
421 KB (431,104 bytes)

Remove dl159.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.