» InstAct.exe
Overview
Analysis
File Details
Programs (1)

InstAct.exe

Ziggy Networks (Bright Circle Investments Ltd)

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application InstAct.exe by Ziggy Networks (Bright Circle Investments) has been detected as adware by 5 anti-malware scanners. This file is typically installed with the program Doctor PC by Dragon Big Lab which is a potentially unwanted software program. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

InstAct.exe

Publisher:

Ziggy Networks (Bright Circle Investments Ltd) (signed and verified)

Description:

InstAct

Version:

2.6.9.0

MD5:

159a6475ec84ca738a33dccd0e67d83f

SHA-1:

bf6971a8475d2287130142bb7dd6cbc4867a9414

SHA-256:

654fd7b2d52c2edd4708be7925d4642c01e2b192ca3e87b074c28277889ceec2

Scanner detections:

5 / 68

Status:

Adware

Explanation:

May modify the web browser's settings including changing the homepage and search provider in addition to delivering ads (by injecting banner and text-links directly in the webpage). Distributed through the Brightcircle investments brand.

Analysis date:

11/23/2024 9:59:08 AM UTC (today)

Scan engine

Detection

Engine version

Baidu Antivirus

PUA.Win32.CrossRider

4.0.3.15126

Bkav FE

W32.HfsAdware

1.3.0.6379

ESET NOD32

Win32/Toolbar.CrossRider.BM potentially unwanted application

7.0.302.0

Reason Heuristics

Adware.BrightCircle.ZiggyNetworksBrightCircleInvestments

15.1.30.0

VIPRE Antivirus

Threat.4789396

36694

File size:

17 KB (17,416 bytes)

Product version:

2.6.9.0

Original file name:

InstAct.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\roaming\doctor pc\doctor pc 2.6.9\install\011ff20\instact.exe

Digital Signature

Signed by:

Ziggy Networks (Bright Circle Investments Ltd)

Authority:

COMODO CA Limited

Valid from:

12/16/2014 1:00:00 AM

Valid to:

12/17/2015 12:59:59 AM

Subject:

CN=Ziggy Networks (Bright Circle Investments Ltd), O=Ziggy Networks (Bright Circle Investments Ltd), STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Nicosia, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00BBB0E0273DE6CDFEF0992B8F1F6BE5C9

File PE Metadata

Compilation timestamp:

1/22/2015 1:07:54 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

192:WAz6SFySlOI6MFwBXe/W9Z9d8f1y4TTU+MU0cwRnYe+PjPW38LWM1THtg2scvM0:WAz6CYAF4XiCD6dxTDM3ZnYPLg85c8

Entry address:

0x403E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

8.5 KB (8,704 bytes)

The file InstAct.exe has been discovered within the following program.

Doctor PC by Dragon Big Lab

About 57% of users remove it

Remove InstAct.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.