home

jjanggametoolbar.exe

미디어클릭

The application jjanggametoolbar.exe by 미디어클릭 has been detected as a potentially unwanted program by 7 anti-malware scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘jjanggametoolbar’.
Publisher:
미디어클릭  (signed and verified)

MD5:
535a6ec7a99721e4e823763979e8901e

SHA-1:
c471e1c48edca5a7e91e36bb24d0f1e25790f6e9

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 11:09:25 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Downloader.Gen
7.11.132.140

AVG
Win32/DH{DyAl}
2016.0.3027

ESET NOD32
Win32/Adware.EasyPoint (variant)
9.9440

Norman
Malware
11.20150805

Trend Micro House Call
PAK_Generic.001
7.2.217

Trend Micro
PAK_Generic.001
10.465.05

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.24.3

File size:
42.3 KB (43,264 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\jjanggametoolbar\jjanggametoolbar.exe

Digital Signature
Signed by:
미디어클릭

Authority:
Thawte, Inc.

Valid from:
10/11/2013 9:00:00 AM

Valid to:
10/12/2014 8:59:59 AM

Subject:
CN=미디어클릭, OU=Dev. Team, O=미디어클릭, L=Gangnam-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1CE296574DE87C58D1489C9DE2B496C2

File PE Metadata
Compilation timestamp:
1/15/2014 8:17:19 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:a4dQDBC7wB7d9tmXvRf5qp/w8ENeRZAsLMdRWhyQ8T5w4L:a4dQDIUBvQX9HER3LMOyjTr

Entry address:
0x297B0

Entry point:
60, BE, 00, 10, 42, 00, 8D, BE, 00, 00, FE, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, EF, 75, 09, 8B, 1E, 83, EE, FC, 11, DB, 73, E4, 31, C9, 83, E8, 03, 72, 0D, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 74, 89, C5, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, 75, 20, 41, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB...
 
[+]

Entropy:
7.7795

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
36 KB (36,864 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
jjanggametoolbar

Command:
"C:\Program Files\jjanggametoolbar\jjanggametoolbar.exe" \run


Remove jjanggametoolbar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.