» greenerweb.ofsvc.exe
Overview
Analysis
File Details

greenerweb.ofsvc.exe

PayByAds ltd.

The application greenerweb.ofsvc.exe by PayByAds ltd has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

Publisher:

PayByAds ltd. (signed and verified)

MD5:

849d2f359ec0a3daec7fd8f3c173177a

SHA-1:

c767b7ec05318f6833e452bed89bcec5080d331b

SHA-256:

2ebda79bcfe749ef697df98d45dced7d62b5356f1788ce1498f1fcf9b92071de

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/23/2024 3:56:30 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Montiera (M)

16.11.10.20

File size:

1.1 MB (1,184,616 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\greener web\bin\greenerweb.ofsvc.exe

Digital Signature

Signed by:

PayByAds ltd.

Authority:

COMODO CA Limited

Valid from:

7/28/2014 2:00:00 AM

Valid to:

7/29/2015 1:59:59 AM

Subject:

CN=PayByAds ltd., O=PayByAds ltd., STREET="Herbert Samuel, 46", L=Tel Aviv, S=Israel, PostalCode=6330303, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00CA9E6FD9AC89FBB9BC192CA9530A98F5

File PE Metadata

Compilation timestamp:

10/9/2014 11:15:46 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:kkNgGK+Or9Upf7mBjvYdHztnXYJFNfqekEvlemL:kkNg9z8zmBjKztnmx28Z

Entry address:

0x15B88

Entry point:

8D, 95, CC, ED, 69, 79, 0C, AB, 23, 2A, 6C, 69, 0F, 25, C0, 4F, 2D, 97, FD, 95, 75, AA, 5A, 8F, D9, 08, 78, 64, 13, 2C, D0, 4A, 1E, 02, E7, 0E, 59, 0F, EE, F3, FC, 25, 76, E7, 6D, 6D, CD, 77, A7, 5F, 5D, DD, DA, EA, 21, CF, 94, AA, 11, A5, E1, C6, 50, 32, 63, 1F, C3, BF, EE, B5, 54, D3, 2C, EC, 35, 1F, B5, 26, A0, 4B, CB, 02, 0D, BB, C6, 1B, 25, 4B, 47, F2, FF, 00, 10, 5A, 86, 07, D3, EE, 6F, D3, 4F, BA, 98, CA, 15, 62, 91, 98, E5, 4A, 86, 0D, E6, C7, F8, 31, AB, 77, 30, 69, FA, A5, EC, FA, 6B, DC, C8, 23... 
[+]

Code size:

135 KB (138,240 bytes)

Remove greenerweb.ofsvc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.