» pricemeter.exe
Overview
Analysis
File Details
Programs (1)
Network (4)

pricemeter.exe

PriceMeter

The application pricemeter.exe has been detected as adware by 4 anti-malware scanners. This file is typically installed with the program Price Metér (remove only) by DealPly Technologies Ltd. which is a potentially unwanted software program. While running, it connects to the Internet address rc2.las.dmtracker.com on port 80 using the HTTP protocol.

File name:

pricemeter.exe

Publisher:

PriceMeter

Product:

PriceMeter

Version:

1.0.7.4

MD5:

600085cdcc9288b01f5233aa399998cb

SHA-1:

066e712ef77a9bc90a060d5646a550cf3999f495

SHA-256:

a51e9f4bbbf7cf8fb6b26b3ef3c160716e26d088ae5d15d1fabe01385fd941d6

Scanner detections:

4 / 68

Status:

Adware

Analysis date:

11/22/2024 8:16:17 PM UTC (today)

Scan engine

Detection

Engine version

Malwarebytes

PUP.Optional.PriceMeter.A

v2014.04.17.03

Reason Heuristics

PUP.PriceMeter.K

14.9.30.13

Trend Micro House Call

ADW_PRICEMETER

7.2.107

Trend Micro

ADW_PRICEMETER

10.465.17

File size:

819 KB (838,656 bytes)

Product version:

1.0.7.4

File type:

Executable application (Win32 EXE)

Language:

English

Common path:

C:\users\{user}\appdata\local\pricemeter\pricemeter.exe

File PE Metadata

Compilation timestamp:

4/9/2014 8:05:43 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

12288:vCbWgW6lBJw3YD9gHXv1C2TIAPL3yX2gXUpTTXqMCPMM4eCO8vYA+i:vCgwBXSv5PL3LQOaYYA+i

Entry address:

0x5C3B6

Entry point:

E8, 99, A4, 00, 00, E9, 7F, FE, FF, FF, FF, 35, 00, 9A, 49, 00, FF, 15, A8, F1, 47, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 95, 9C, 00, 00, 6A, 01, 6A, 00, E8, 2C, 03, 00, 00, 83, C4, 0C, E9, 43, 03, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 23, A8, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, 7A, 46, 00, 00, 59, 85, C0, 74, E6, C9, C3, 6A, 01, 8D, 45, FC, 50, 8D, 4D, F0, C7, 45, FC, 2C, 34, 48, 00, E8, C5, 34, 00, 00, 68, B0, D1, 48, 00, 8D, 45, F0, 50, C7, 45, F0, 24, 34, 48, 00, E8, 43, 4D... 
[+]

Entropy:

6.1298

Code size:

500.5 KB (512,512 bytes)

The file pricemeter.exe has been discovered within the following program.

Price Metér (remove only) by DealPly Technologies Ltd.

Price Meter injects advertising (coupons, discounts, comparative prices, etc.) in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links and some popup/popunder ads.

support.pricemeter.net

88% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to ec2-23-21-218-182.compute-1.amazonaws.com (23.21.218.182:80)

TCP (HTTP):

Connects to rc2.las.dmtracker.com (69.64.147.242:80)

TCP (HTTP SSL):

Connects to public102947.xdsl.centertel.pl (46.134.210.35:443)

TCP (HTTP SSL):

Connects to public102957.xdsl.centertel.pl (46.134.210.45:443)

Remove pricemeter.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.