» perfectmatch.exe
Overview
Analysis
File Details

perfectmatch.exe

GT Consultoria em Informática Ltda

The application perfectmatch.exe by GT Consultoria em Informáticaa has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

perfectmatch.exe

Publisher:

Legendas Brasil (signed by GT Consultoria em Informática Ltda)

Version:

2.1.0.1

MD5:

6d0e636d54ff280dd48e04bec38aa7c7

SHA-1:

b94ad9cd1b4af7ac0013783151077c1f1b3b4256

SHA-256:

3631a45dd6a148e3bb3220f4a4538866c4d48aa0b5aef990e8ffb86d2298954e

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

12/27/2024 1:08:35 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.installCore.GTConsultoriaemInformaticaa (M)

15.12.1.9

File size:

3.8 MB (3,947,328 bytes)

Product version:

2.1.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\legendas-3.3\perfectmatch.exe

Digital Signature

Signed by:

GT Consultoria em Informática Ltda

Authority:

COMODO CA Limited

Valid from:

8/2/2015 9:00:00 PM

Valid to:

12/30/2015 9:59:59 PM

Subject:

CN=GT Consultoria em Informática Ltda, O=GT Consultoria em Informática Ltda, STREET="AV PRESIDENTE ITAMAR FRANCO, 3180/404", L=Juiz de Fora, S=Minas Gerais, PostalCode=36025-290, C=BR

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

009704DC419FC73B34ECF547A8E3103A7E

File PE Metadata

Compilation timestamp:

8/12/2015 4:10:13 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

49152:bWy1MUHXadxiSXWcOYxeGwFpC3dx1et3DP2HmxxJTEVJfLm3:yRWeOmtjetTPjxufi3

Entry address:

0x25C8

Entry point:

EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, AC, 30, 70, 00, A1, 9F, 30, 70, 00, C1, E0, 02, A3, A3, 30, 70, 00, 52, 6A, 00, E8, F7, EE, 2F, 00, 8B, D0, E8, C2, F9, 2E, 00, 5A, E8, E4, F8, 2E, 00, E8, 13, FB, 2E, 00, 6A, 00, E8, B0, 18, 2F, 00, 59, 68, 48, 30, 70, 00, 6A, 00, E8, D1, EE, 2F, 00, A3, A7, 30, 70, 00, 6A, 00, E9, FB, B8, 2F, 00, E9, E2, 18, 2F, 00, 33, C0, A0, 91, 30, 70, 00, C3, A1, A7, 30, 70, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, F0, 00, 00, 00, 0B, C9... 
[+]

Code size:

3 MB (3,153,920 bytes)

Remove perfectmatch.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.