offerboxhttpproxy.exe

OfferBoxHTTPProxy

Aedge Performance BCN, S.L.U.

The application offerboxhttpproxy.exe by Aedge Performance BCN, S.L.U has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This executable runs as a local area network (LAN) Internet proxy server listening on port 56847 and has the ability to intercept and modify all inbound and outbound Internet traffic on the local host. This file is typically installed with the program OfferBox by Aedge Performance BCN SL which is a potentially unwanted software program.
Publisher:
Aedge Performance BCN SL  (signed by Aedge Performance BCN, S.L.U.)

Product:
OfferBoxHTTPProxy

Version:
8, 1, 6076, 525

MD5:
39e57fd8830587893ea8246cd388083e

SHA-1:
cf428ace62029e9482f7349efed02b991509bf36

SHA-256:
8fd7a07b8a11a7fce1227b8fc9e2700113eaa0fb4bdd94cf7bb1a45022c1f2cc

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 12:55:29 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Adedge (M)
17.1.28.12

File size:
822.8 KB (842,520 bytes)

Product version:
8, 1, 6076, 525

Copyright:
Copyright © 2011

File type:
Executable application (Win32 EXE)

Language:
Spanish

Common path:
C:\Program Files\offerbox\offerboxhttpproxy.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/14/2014 2:00:00 AM

Valid to:
8/14/2015 1:59:59 AM

Subject:
CN="Aedge Performance BCN, S.L.U.", O="Aedge Performance BCN, S.L.U.", L=BARCELONA, S=CATALUNYA, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2B8586A1C0B4055887D7E36E1A8EB4E6

File PE Metadata
Compilation timestamp:
10/7/2014 2:49:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x6C314

Entry point:
E8, 1C, A9, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 33, DB, 39, 5D, 0C, 75, 1D, E8, 06, 2B, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 61, 02, 00, 00, 83, C4, 14, 83, C8, FF, EB, 4D, 8B, 45, 08, 3B, C3, 74, DC, 56, 89, 45, E8, 89, 45, E0, 8D, 45, 10, 50, 53, FF, 75, 0C, 8D, 45, E0, 50, C7, 45, E4, FF, FF, FF, 7F, C7, 45, EC, 42, 00, 00, 00, E8, 5D, AB, 00, 00, 83, C4, 10, FF, 4D, E4, 8B, F0, 78, 07, 8B, 45, E0, 88, 18, EB, 0C, 8D, 45, E0, 50, 53, E8, 38, A9, 00, 00, 59...
 
[+]

Code size:
605 KB (619,520 bytes)

Local Proxy Server
Proxy for:
Internet Settings

Local host address:
http://127.0.0.1:56847/

Local host port:
56847

Default credentials:
No


The file offerboxhttpproxy.exe has been discovered within the following programs.

OfferBox  by Aedge Performance BCN SL
It is set to be start when the PC boots and any user logs into Windows (added to the Run registry key for the all users under the local machine).
www.offerbox.com
71% remove it
 
Powered by Should I Remove It?

Remove offerboxhttpproxy.exe - Powered by Reason Core Security