» pricehorse.exe
Overview
Analysis
File Details
Programs (1)

pricehorse.exe

Montiera Technologies LTD

It is part of the Montiera web browser toolbar monetization platform which injects browser search and advertising within the user's web browser. The application pricehorse.exe by Montiera Technologies has been detected as adware by 15 anti-malware scanners. This file is typically installed with the program Price-Horse by Montiera Technologies LTD which is a potentially unwanted software program.

File name:

pricehorse.exe

Publisher:

Pay By Ads LTD (signed by Montiera Technologies LTD)

Version:

1.3.0.0

MD5:

c7bfb42eeff9cb9cca568f2c6001b7d0

SHA-1:

153970557b9da15278aef529eb835a67e383daa8

SHA-256:

08af515894e8df72e507368e0d22f447636fb6aedf4eb0ed19e9e16125f7eb48

Scanner detections:

15 / 68

Status:

Adware

Analysis date:

11/5/2024 4:36:24 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Montiera

2016.0.3228

Baidu Antivirus

Adware.Win32.Montiera

4.0.3.1515

ESET NOD32

Win32/Toolbar.Montiera (variant)

9.10275

Fortinet FortiGate

Riskware/Agent

1/16/2015

IKARUS anti.virus

not-a-virus:Downloader.Montiera

t3scan.1.8.3.0

Kaspersky

not-a-virus:Downloader.Win32.Agent

14.0.0.3252

Malwarebytes

PUP.Optional.PayByAds.A

v2014.09.14.02

McAfee

Artemis!C7BFB42EEFF9

5600.7007

Panda Antivirus

Trj/Chgt.C

14.09.14.02

Qihoo 360 Security

Win32/Virus.Downloader.416

1.0.0.1015

Quick Heal

Downloader.Agent.r5 (Not a Virus)

1.15.14.00

Reason Heuristics

PUP.Montiera.MontieraTechnologies

15.1.16.1

Sophos

PayByAds

4.98

Trend Micro House Call

Suspicious_GEN.F47V0802

7.2.257

VIPRE Antivirus

Montiera

31932

File size:

624.9 KB (639,880 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\pricehorse\pricehorse\1.3.10.2\pricehorse.exe

Digital Signature

Signed by:

Montiera Technologies LTD

Authority:

COMODO CA Limited

Valid from:

7/22/2014 7:00:00 PM

Valid to:

7/23/2015 6:59:59 PM

Subject:

CN=Montiera Technologies LTD, O=Montiera Technologies LTD, STREET=Harbert Samuel 46, L=Tel Aviv, S=Gush Dan, PostalCode=6330303, C=IL

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00CCD3CD85F8C32F5C3FF9264E1A57C07D

File PE Metadata

Compilation timestamp:

7/30/2014 1:52:52 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

12288:8BLIFXnLNjqhpT3L4Pf21doRoMlBRItVdSObepBMRoU:eOAQoM/RItVdve3coU

Entry address:

0x3EEE2

Entry point:

E8, AE, 83, 00, 00, E9, 89, FE, FF, FF, B8, DA, 7D, 44, 00, A3, 10, 6A, 46, 00, C7, 05, 14, 6A, 46, 00, D0, 74, 44, 00, C7, 05, 18, 6A, 46, 00, 84, 74, 44, 00, C7, 05, 1C, 6A, 46, 00, BD, 74, 44, 00, C7, 05, 20, 6A, 46, 00, 26, 74, 44, 00, A3, 24, 6A, 46, 00, C7, 05, 28, 6A, 46, 00, 52, 7D, 44, 00, C7, 05, 2C, 6A, 46, 00, 42, 74, 44, 00, C7, 05, 30, 6A, 46, 00, A4, 73, 44, 00, C7, 05, 34, 6A, 46, 00, 30, 73, 44, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, BF, 8E, 00, 00, DB... 
[+]

Entropy:

6.2143

Code size:

328 KB (335,872 bytes)

The file pricehorse.exe has been discovered within the following program.

Price-Horse by Montiera Technologies LTD

Price Horse is an web browser advertisement extension that delivers ads to the user's web browser. Ads are in the form of traditional banners as well as context-hyper links.

86% remove it

Remove pricehorse.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.