» pcspsetuprmimg.exe
Overview
Analysis
File Details
Downloads (14)

pcspsetuprmimg.exe

PC-Speedup-Pro

PC SPEEDUP TOOLS INC

The application pcspsetuprmimg.exe, “PC-Speedup-Pro Setup ” by PC SPEEDUP TOOLS INC has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The file has been seen being downloaded from www.pcspeeduppro.com and multiple other hosts.

File name:

pcspsetuprmimg.exe

Publisher:

PC SPEEDUP TOOLS INC (signed and verified)

Product:

PC-Speedup-Pro

Description:

PC-Speedup-Pro Setup

MD5:

13226854d7bf125ea6c823ffe66e3c1b

SHA-1:

f42ac456d8b51910d2def55507a5f1a385f33fee

SHA-256:

beeff5a8c908dead728114bdd6d17f53e0509057f824711e22a7748310ea60e4

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

12/28/2024 9:12:02 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.PCVark (L)

16.7.16.23

File size:

5.2 MB (5,442,608 bytes)

Product version:

1.0.0.10958

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\pcspsetuprmimg.exe

Digital Signature

Signed by:

PC SPEEDUP TOOLS INC

Authority:

COMODO CA Limited

Valid from:

5/18/2016 2:00:00 AM

Valid to:

5/19/2017 1:59:59 AM

Subject:

CN=PC SPEEDUP TOOLS INC, OU=Management, O=PC SPEEDUP TOOLS INC, STREET="104, Surya Nagar,", STREET=Murlipura, L=Jaipur, S=Rajasthan, PostalCode=302039, C=IN

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

5D2267724198B78721B0812ED1BFFBE5

File PE Metadata

Compilation timestamp:

1/15/2016 9:22:50 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

98304:ySL1c1l8qvSLIJz7s/fXyn/Wbqt/FrlpvpUc/Y19hntIJfOI7zFwBN:yy16/SII/fC/WOnrlpv6dRyJfOIvFwBN

Entry address:

0x113BC

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

63.5 KB (65,024 bytes)

The file pcspsetuprmimg.exe has been seen being distributed by the following 14 URLs.

http://www.pcspeeduppro.com/download_ip_mrnew.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70447168&x-context=adkm_Nz1kblrqRO_dUqys7kx6jc7vw3R2UJ2HDtbDnCeSgCVpdwj0uDIKJaX2G891rbFq2kMx4lvx-VmRz9c1zk7a9v2-GoVXsbE8axpUW1jiOQW5-tVDdBJOk0Aw7o6r-IfFRo99enVk34SSlDgX_TkvNXtWVLCd3Z0jMQblLlXZhNbH_OmBUPqT4ceOjLFpe3UBCP4scU4KOLa_q79fimbhv95JclcuDTC-gYO8uNtb160LEBuN85bQWyOrVDkaPprPouYKv5umahfkS7YLn42PHypWoMQdLLmaURc27D2fgfEe1da4DyBIBTDht1KYuR7moH_d3TfFqjZBTNCerfNmVTg8foMZajJNUIHWBIKn8WiOkZ-PG2jIMuDdXF2-SKY0t-6xr6TjTRhAFrY1hLR9qlx_DqZum46aVL8J-rJMJP6HTknXGDZXqZTDDd4pnVFhEFcUk68-Krqsp2ys2AAd3vGEcdiPKBeLuA2q8E-Tv2inNzPO6Qukh1cSH9w3MdwIlgG3pHSbDlPgJWXpqun8l0FPUxV3JTLusJYn&x-at={D}&pxl=MAR9_MR20_RUNT

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70446313&x-context=adkm_yWlhQvQ95xhkGspaL_Uym9seFXxatchbE2Yq4kI24q4d9ViD_327kSsUwoUVrNZTY18JS6Y_nSnzU0JBxqtlEqaOyqaf6XpDfRAlJjMNfYSM9Tgj94nwph3TPPUVTtzEz6kOmFj1PoclsfOMN-Ems0MLZ6AIToA5jGXeKGEoZrDTFG8_O3eWp4JVLUAg5rZMlYYpvIA1bP-iUjQd6xBJfQHpxfWPDO0lz7d0EBUsbvk73ps4vUcgxn8dUYUbJUk9a_6BMmdsmtk1pkv9M5YwEqPK0XIBsS3gln4EXTRLvFOYI5gubEWz0ZgvHO4PlC2y4S2fCtOlZLmFVl9qBJ9hb9q9LAN4IU8Wl6YF6dG1ghBnEGL5rkfmztA6JV4o-S3IIOA63BbrOSpzwsaYR39_lUCGwyS4LWlMwReAx5dgORqzh9UWmxtTTQQMzcMQIDwv44S8M7pbV6PIXMLszLI_dx6x7ScaHSyxh2rJj6mRHt3DFUig5fdfn5weYuXHzhvTPfsfvMxycFchgLlMXCr2QnCGDA0d3XoR9ti08guYIIUX&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70444626&x-context=adkm_N6BmYE-Lcz5oJpVAUkpMfmeCOgEsTMCFVbLCvnVNfi415yUlRukok3K33GrbVdRTj672kka17n2ylzvwjA0mpdWcKLHOriKe6Y_GVSwQ9lZIwzVV88cpwuvMK_PjB8PEwulYOokMDmk763_dy7ZRkdT6RkZkdoUpbvB4ujE2uN1LnNHU-pqPgvySm23DfbCrZc-pwClGo5lEUbTgIunl7pLIFq0Jwm7o9vZ92aPOda_YJtP__1GkClWr6blXj9LpKUEDAb8k5md8ag6yvrS5OodCP03erhbe8-XTb1JzxDUwH4CXK8czy0qO17Wn-HJ-i_onBIOYR_JVMr2c370Cse6cekmTZ3O6df9-sZMPQH5WfGEKWnrsyJ-pARia4PZcKpGU6NBvWRoTGgO62wwMlwLu_wfuo_2lAPqAuBtxHUl4Nz1S34ZawO4vvywzhMEcu5e0l6w3CStEiEK2Ao8s2YD2YN15M4FZlm42vEq0UY3b50xLtLRZPoja5HQYkXHwWRpMhQw1gndYtoBhmiefNW0-mYYGonTQVNM&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70649703&x-context=adkm_hJkl40DR_sL4M9Pv-kMUuSHGElrotVG_gUkCZwu_J3pCY400jP0lqGVG4_28f5matnf0GN2pzI73as4LCEMMItrPcsdYm3PxBGlj5ghhCSTGcCGiju9g_SOPy7Ski9AAp3hAYDrRpPrZNseZeLvvvVP-KVo1_D6Xjt6fFtzWNBZKl8DfsAOvBsPY0Dm9ItbGSx9Ow38Lr_K0BOfc51oII8lxhPdokG4aPBsYiunnX6GBDQHulxxiPLGS1WvizTNZ8Tv6o5dv6CYSew0K7rRTGWQ9d3m2OnfALQ3kvqzkTPWCn275Q0GR3PtJ5rXmtoKBWCOCiIVAlHFIzbSSgCiJEWT9X6sbZvUDL2fRS5CVks1--nGaBmA1YhBooNbaOom5OAGfW-fl5ap7nrydfQZPv98pWhua6SSKXgmZFbvePs7pokfOq5JThC_M90zPuD76VxuicgO9RAjtthsO41uoxHrIkXwiWg2ioYEpw24TAcurLovoJxJFKgMq6_LelZ-vv2EZrpNhIDSzPBOtuW38RCvXTXQSLt0-Ko528JwKu-ofvny8Ibh0YdqIZxIUHpIj&x-at={E}&pxl=MAR9_MR20_RUNT

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70538186&x-context=adkm_XLK_HIZVVmGgZi5MLfgz-3-xASmvGINY84PFemC3NyWQ4HCT11m52s_h38Yu4AOHyB1LR4h1cJl4Bl6nFFC1hexh3d71jJPXbCMkBxP1zWOT7vZUJzuQQ_7Nr-I41K5SZGAOiW7tj8PNzjBKY8UKPJn8U3MqRuhsx8HC-LiCvPoxX5ZDYESssii1jiHWPSTbIzg-Tued8L3wms_wUgrKKx1NGAdPcjtw9iRKs9pdnH_eXtINlVjlvRePeiPV9g8UioJIq91SOj3-8xX0I4X5a6lRZvXNmCZ2qgO2NaH_PvQl-IRKhja2BoqxLc2VrQMaoFDzYkphXnbaZCdQj40bu3mBANGBEhYSXSwYIQaUPZ2p22yQ8YNwzOyAIyLp5qspxJlFrRnkrIOX2fuKkXeZ9hwkEshmRjimUiibLJt4kQxPPTkyWnMFByf-o3ZYziHf2Ia--MynjkBbzwDqx25tiNWAtq_No3psR4KT2e-0emET7NEcJ5bYTKPlQ1Ht24L0x6v81KgyNMkuIpNiuyqn1_YCSPlkhAM-CBqFaoCdMKoYHk-XXzgRG7wtEA&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=http://adsrvmedia.adk2x.com/imp?p=70538189&size=800x440&ct=html&ap=1300&u=http://.../t?id=0673a924-bf1c-4801-b262-20ccb7f53421&size=800x440&iframe=true&r=http://.../t?id=0673a924-bf1c-4801-b262-20ccb7f53421&size=800x440&iframe=true&iss=0&f=1

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70445197&x-context=adkm_QNamV70qBfonOHDj7tUIlA9U0XV5lQE1IM_6mlOrLu6nSUnu_fqqc7MivJwppa2-Pn5UBBpYcVbuWf_34LMVSAV_G0mrxGIFSuDOUFe6LU1rqmCMf_OIzvO4EaDz8yddRxOHZjDQuXcI8bcMzRQph7wi9LtnY7yooEFQH95T6mBOOqByJFv2A-XRl9qlJUJ8QL-do2TeCrx3DZM7rup-Vu8WYPk0CarJESVL-ZLfAxN3v3rRw1Fuo8pwXxdSLlVWVVAJ_LXDsZW6obytkg2HPItZ6lXM4dNeMXJQc9_mhqn1oAX6ko8yCt3M0qBnJNnGCN96znikM_QLjrF7GqWRm7Hvd9Uaf7ANcuKgAb1j5lIHWeXcusEiSF_ZsRAfNmwCVNMhk7UQCKYS61mXvFTzZQia2nu7RcTPrk2gaI-8zT1PjCkfGvmmYIO2BT0gEGKyembcVx2xgovL40dnWpTzAyt0UME7jt6XTk-jiFLIcvNwbEJUNQmLEAnA4FSO34fdz-d_UdfYH2G8J_SXAuzETyZvL4WcgirGpHmgJEi2o2eDQvagJYXPombgFemdaLu-PPxHRj8Vm7bVUQ4&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=http://adsrvmedia.adk2x.com/imp?p=70445202&size=468x60&ap=1300&ct=html&u=http://.../download.html&r=http://.../modal-download.html?smart__iFModalBox__iFrame=1469744374123&iss=0&f=1

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70546190&x-context=adkm_iJL8PDtXNtZwHrt80BGHQ9-GUdt3c3n70F1avmhYDWNN1IQGt8pXbUcNiPkJeZb6aaAh1JhoNOK855ZT5n_ITE3Pe9Yx_kFJ9rcySZk_BwFRlAhXQiSFuVTw9rnAhZ42vItwFaVIGMcxKSMFS7cPOd8jrbdlZzxxHzFArOtiOCtMwZZsuS_-NhN3dxFMaqvuYUctAH0ohwG9axDH3Qlbj3CynSKM-5ELj9BWlWWyI8mkurknCxGYin1KFl3gk_SX-gnKRqHo92DmliBy5ouYEqhAUM5oStUZ9RSeuaUr62oAWrC398sX8PMqgVSumK4djg7P2f8PtAdwyl9_5WrtFhYLHwvUr8P1umCW0C2r8-cqe2AZc5Y5X5SBShPRyvEtoKJ2aX7X6Utp6faKbpDrI6mDdXL76Fx-icjYge3dV550HkJY_MxoOmjHwVF2yTl8u-Rdl4NI_RpSB2snUBsNLAMy1ezmChLulAG473u2Mlr79-4rrPdg4-2Ve4yrJSnOnITVdKe38jrl_rJDzl49HFzapYWiApYykPrUGDI&x-at={E}&pxl=MAR9_MR20_RUNT

http://cdn.pcspeeduppro.com/pcspnet/c2/.../pcspsetuprmimg.exe

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70445197&x-context=adkm_DSfAx1EGAo2OM614GP8m5GDIthTdIRmeUqg-n5Li7DwYmK17XY3hvFuTcoeddausR8nokHVZGpg9ZpDaamhLtfP2sCuYPJuRH6swQytE9B0edw79JuYoqvyiOxh-8hBzIGvLBJAbxJ3UGKpZwzvWNv21yDrAzX-TY1QeN8r8rFuL-Qk5UuxBaIOCERzGiPdkxlXekD5VTEXTHFz4YvYHcUCe2locgLieRht99ZkN1A8fynFNG24fedMkykNLctwa64PRgNb0jK_0EypMo_xTpMOUyI2yRuDHp2mD_YbVgjhAg6yqRoV1i3gI8OZ6_y-shWKHGmJxFQUfXm7MrnluaSrsJGk6LwYtV8HlGeIZ3zVqMQsRHrUMUFkb3SrNOOIEfnuApvohzGSl0TpQHNDxTVc7V5cmfkARSxkMr_BeEf4765urVNjnqfO_sgyoEFPhI60JyFKj-wU5uO6DhMdCz7DmbRV4qSl9-bVYRPJpr0_m5szbFHT2ITDcyU1p6TxHqZoLHMEjRZAm6eul3J2cWD9eRArPNzSRPxSfP9KbKDyayI0NWzDp1YRs4b5nZQkg8DYVTeJjWuiD&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70444626&x-context=adkm_r43fTe5GUoWNfIxfuP58o4mHbDA1XDuZxqQ3Z5rca_gFH8AjccunCOwD13Edd43LmksaysC33L4FV-XIcaoaMjyv10Pn_rIquKmM2gjfUp-eehdkt9o03zAWWLXEwlSiCLp2Y688lz8xp0yH_AYz3o7vVFqa6ppCVqHF1yueltZCZBvl3c9aH8iqrfQoT1fnY70mPvU1jbuPsoPlGd-IDZMFIykBC-Wj4g0ObGMaESNwKKFht9GioKMb6bSNOZph5-QuS74DctOeHQFyQIs3NnGVtLWOsDClcqscxDzABWMXoiZpmpySYwlA4hdpbEdQlx_peFLATsononfIooGODSd1Sk8xNsaziioM0cFRjLNQyT2vxM4LiQYJu2UoOugvBfAGItXf4q9fOsH8OtmiiR5GAZpXwJbHhNvWrvuvrhyQekpz9Zjy1l0jcRJnIlrxZOmU01hhAfRT1kCL5FNE9c7U7l3SGOL3zf75IaOl1X7Kwf4aa2Da4FK4StUJ-XoJSeT6nTr_nxa56EORKP8JE0OFgZt9DBqjCn-qNL2Ohj7zj-bpJe444RnfY3DMDkd0bTM&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70444626&x-context=adkm_PIrZCldMvjTdGP0Sa3MkFAvFhu0icyvBdjgSx86prHjJ2-LRiAPH04enMqXzQGS8Snnf6inBWyjcCYawOlBprgygufHh8fE87nUKmb9nBik_L29_G4TPWH_bAXqj9gYwxRllPNGQvhPi0Sr0Pho-FAMv7NnapAsC96KEYrmemxQjgSl-ouos4aCLPC9ONkTU2NoT-o7Zg4SuvvYgn4-AAA7P7vWddXIfjjchD7J0wuMKhli4efiuLaLSIaf8T4JMlejlUDdCQJVyVowK-X-rdcxl0N_Aj_nA0yYmchxf5RXN29r3Dt0REITBuy9WVFC30WnEg9hXBUb8eZRw94S3ioKEv5oRb9tDiLTEKERz7ChvR-PKkAazs_S91MO0pI5xlY2i-Bx9vonDLlPeUVg14cBuHbRPTXfEvJfd97rC9yGjmZINiynzY-OIUSLU2dXVCTcdnC7gXLCeQoyXOgjr28EzsSjHb2FYrp3TLqZGHJY9Rn7_P-c5aSDGwSyBupQ4QHqEZCE4fzMaM7g2aOPtrH1xBzd9biiH5jvIuKa8MoW4ag&x-at={E}&pxl=MAR9_MR20_RUNT&referUrl=

http://cdn.pcspeeduppro.net/pcspnet/c2/.../pcspsetuprmimg.exe

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70445197&x-context=adkm_SYf3sPo37DXiKfEYq8LPdqp3w1pv2rkfD8oNgKA__TkHukWrACKqjHIcxqymhq8eTflofhTku4lqic4DMNEqvDg-b-erf1Mf6-S3VwKegXn8Z9sMGdS0f8b46cyZUyM9QZ3Uup7sf27RADQunywvpIp5AYbEvDunNhdpGddxvwwqQ0pjBjlTMI5wO4fuRg5J_6ZGN0RXyyFLo7vthBOGyuAMqNJvXopf9ruXDtgyKLvRs88fJ9BoM8bQ7kkeGQPDIk2xWvRzbCwaskM0ryG9sb7gYWj99WZN2yy7lYxs_STey1J6f2Ky_L_Ymnm1rp6R34HrzXB015a6CCaEmucqH9Bij4Al-V1IcyJoIDzmw9Mm36wvkNXUwosmQGbANfYvg6gErJyxTzhMwAeEzur-tqVDghF3je--uv_QGWviCP2Kzf4Cm_aSzrWCeR3KEyJVq_5v9WUmDLSb1NSenOrqQtm624KWeYKdYhmAFS7a_oO5mLqXT4cAN038p8B80c8ByaUDZ5pNMmdiKTHmJ1hyArGtAoZrW3i5hjlOJ1jQpAljYYbOTGXV546INm8LgXcqrVfYuUueN0Tl8HoGc8bE4e12y1uX&x-at={E}&pxl=MAR9_MR20_RUNT

http://www.pcspeeduppro.net/download_ip_marim.asp?utm_source=mrg&utm_campaign=mrg&utm_pubid=mr_70446313&x-context=adkm_7hGpiiIGkntwY1vxPUTOO0vKuzklYK0hFvHWXO3P6a0g3UmrYDhNTL6XJjTrz3cK_BevfxaS7_hlMVkZLfVs0KWRKLV1aQ6IfmWSdsH4leXdDHDQD5adoY3LQTz9SlcdkxgY1BMOjCGX8_UG7qp1AZuRd6DxStYgEeuritIumyB06gyzAuvX7eHK14i4WPHqap8XqZMkFELlPFp4PWjmxg2rWxReNQEBUzb0HKOckyPlpi8I0GyoXhTsXEYVHR5oRxMOjUsH7NfiwIZEjNrLtPdOhUgTXgaM09l2vzof0lNYyAZF-X54iolzw2hTutwndlQ34Qyga0n1XdS6LRhxHr7eZFaaJM0hdTuchQZfuUmEnR0NSw2cwnCu3utEWRAnIJWtAj8MkBWdE9FcTCLOLKxvG8gxXRJHJu6bQlbmhWYX8uNIj73osnM44rVXP0mqwM3miNdJfxS0SU1RR-L6WaWOWSymaZSIqC8EAnGWEapnsCYzCmuWn6-bo6qeF0uTsuaQXQTGKHEPJ37bCp7bhdDGUHxmHSTmxUJrYTSvfzO5&x-at={E}&pxl=MAR9_MR20_RUNT

Remove pcspsetuprmimg.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.