flashfxp_378_beta_setup.exe

iniCom Networks, Inc.

The application flashfxp_378_beta_setup.exe by iniCom Networks has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This version of the installer will bundle the Ask.com Toolbar, a potentially unwanted web browser extension.
Publisher:
iniCom Networks, Inc.  (signed and verified)

MD5:
2622095e3507d00126dc6a5da209686f

SHA-1:
28a70ffd9fae8c9a620cddcefb8ff955d69a5689

SHA-256:
0c428c054fadad6e928bce3c62adc384db0d498772a7fb98b2d4344d8af2dc98

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Bundles that Ask.com toolbar as a third-party offer, a web browser extension that may modify a user's search and home pages.

Analysis date:
12/26/2024 1:49:31 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Bundled.Toolbar.Ask.G potentially unsafe application
7.0.302.0

Reason Heuristics
PUP.Ask.Toolbar.Bundled (M)
16.4.15.17

File size:
5.8 MB (6,056,240 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\file sharing\ffxp378\flashfxp v3.7.8 build 1332 beta\flashfxp_378_beta_setup.exe

Digital Signature
Authority:
The USERTRUST Network

Valid from:
4/15/2008 6:00:00 PM

Valid to:
4/16/2010 5:59:59 PM

Subject:
CN="iniCom Networks, Inc.", O="iniCom Networks, Inc.", STREET=500 4th St. NW, STREET=Suite 210, L=Albuquerque, S=NM, PostalCode=87102, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
166775CE958B2642E930AD23001A2EFA

File PE Metadata
Compilation timestamp:
6/19/1992 4:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:FIt+QQzjghzQ/mK/Ad7CE8EJn/a/L0xHa9JdoLuKyexSx9hH2YksXNhC21n44UxK:a+jghMuKYdmE8ScLAIoLuKS90Y9b7xUw

Entry address:
0x6BE80

Entry point:
60, BE, 00, B0, 44, 00, 8D, BE, 00, 60, FB, FF, C7, 87, B0, 94, 04, 00, 00, 00, 00, 00, 57, 83, CD, FF, EB, 0E, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 19, 8B, 1E, 83, EE, FC, 11, DB, 72, 10, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 78, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07...
 
[+]

Entropy:
7.9992

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.22 (Delphi) stub

Code size:
136 KB (139,264 bytes)

Remove flashfxp_378_beta_setup.exe - Powered by Reason Core Security