home

mlbwhitesoxpersona.exe

Chicago White Sox Browser Theme

Brand Thunder LLC

The application mlbwhitesoxpersona.exe by Brand Thunder has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the uninstaller utility registered in the Windows Control Panel for the program Chicago White Sox Browser Theme by Brand Thunder, L.L.C.. This file is typically installed with the program Chicago White Sox Browser Theme by Brand Thunder which is a potentially unwanted software program.
Publisher:
Brand Thunder, L.L.C.  (signed by Brand Thunder LLC)

Product:
Chicago White Sox Browser Theme

Version:
0.0.0.0

MD5:
fc096655cb868a29d532ad9c1a6cb20a

SHA-1:
9d46fd0f0e179f4f314b602c00002ef7f8d9ce50

SHA-256:
f2e81225228d685a773c704390fe0574b4956ec3bb0c84a1b3b01c780b590623

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/15/2024 4:27:35 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.BrandThunder (M)
17.3.6.12

File size:
505.6 KB (517,736 bytes)

Product version:
0.0.0.0

Copyright:
Copyright © 2013 Brand Thunder, L.L.C. All rights reserved.

Original file name:
mlbwhitesoxpersona.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\package cache\{d393d0ab-16e6-4243-8b06-9cdbf3313762}\mlbwhitesoxpersona.exe

Digital Signature
Signed by:
Brand Thunder LLC

Authority:
Thawte, Inc.

Valid from:
6/6/2011 5:00:00 PM

Valid to:
8/5/2013 4:59:59 PM

Subject:
CN=Brand Thunder LLC, O=Brand Thunder LLC, L=Columbus, S=Ohio, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
26319BF7B6ED3749424F83D8CBC3A145

File PE Metadata
Compilation timestamp:
12/24/2012 1:43:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x25D1C

Entry point:
E8, 1E, 1F, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, E8, 3E, 45, 00, 00, 74, 05, E9, 7E, 1F, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2, 03, C1, E9, 02, 74, 06, F3, AB, 85, D2, 74, 0A, 88, 07, 83, C7, 01, 83, EA...
 
[+]

Entropy:
6.9767

Code size:
218 KB (223,232 bytes)

Program Uninstaller
Program name:
Chicago White Sox Browser Theme

Display publisher:
Brand Thunder, L.L.C.

Display version:
0.0.0.0

Uninstall string:
"C:\users\{user}\appdata\local\package cache\{d393d0ab-16e6-4243-8b06-9cdbf3313762}\mlbwhitesoxpersona.exe" \uninstall


The file mlbwhitesoxpersona.exe has been discovered within the following program.

Chicago White Sox Browser Theme  by Brand Thunder
Chicago White Sox Browser Theme is a potentially unwanted application that runs in the web browser as a toolbar and web extension.
brandthunder.com
69% remove it
 
Powered by Should I Remove It?

Remove mlbwhitesoxpersona.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.