pricemeter.exe

PriceMeter

The application pricemeter.exe has been detected as adware by 2 anti-malware scanners. This file is typically installed with the program Price Metér (remove only) by DealPly Technologies Ltd. which is a potentially unwanted software program. While running, it connects to the Internet address rc2.las.dmtracker.com on port 80 using the HTTP protocol.
Publisher:
PriceMeter

Product:
PriceMeter

Version:
1.1.2.3

MD5:
9073765e84738588480e0241a1189a64

SHA-1:
865d3e5f3923d42addda02e3a60ffb5d35d81d0e

SHA-256:
5bed66dac921fc33cf79890ad7e4dead4a2fca83b2adbdf68ad458e37349f55c

Scanner detections:
2 / 68

Status:
Adware

Analysis date:
12/23/2024 11:38:56 AM UTC  (today)

Scan engine
Detection
Engine version

Malwarebytes
PUP.Optional.PriceMeter.A
v2014.05.06.07

Reason Heuristics
PUP.PriceMeter.K
14.9.30.13

File size:
849.5 KB (869,888 bytes)

Product version:
1.1.2.3

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\pricemeter\pricemeter.exe

File PE Metadata
Compilation timestamp:
5/4/2014 9:08:56 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:0RbEFabtSyO7TVjlPPIjMQD40jYTGw0l4irTXqMCQMm4etA8R:080tg7TVjBQrYuq

Entry address:
0x62746

Entry point:
E8, 79, A6, 00, 00, E9, 7F, FE, FF, FF, FF, 35, 88, 09, 4A, 00, FF, 15, B4, 51, 48, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 75, 9E, 00, 00, 6A, 01, 6A, 00, E8, 84, 13, 00, 00, 83, C4, 0C, E9, 9B, 13, 00, 00, 55, 8B, EC, 83, EC, 10, EB, 0D, FF, 75, 08, E8, 03, AA, 00, 00, 59, 85, C0, 74, 0F, FF, 75, 08, E8, 0A, 4A, 00, 00, 59, 85, C0, 74, E6, C9, C3, 6A, 01, 8D, 45, FC, 50, 8D, 4D, F0, C7, 45, FC, D4, 9E, 48, 00, E8, D5, 34, 00, 00, 68, 90, 3E, 49, 00, 8D, 45, F0, 50, C7, 45, F0, CC, 9E, 48, 00, E8, 33, 58...
 
[+]

Entropy:
6.1416

Code size:
526 KB (538,624 bytes)

The file pricemeter.exe has been discovered within the following program.

Price Metér (remove only)  by DealPly Technologies Ltd.
Price Meter injects advertising (coupons, discounts, comparative prices, etc.) in the user's Internet browser by running as an extension and/or add-on. Ads are delivered in the form of search-related ads, banner and video ads, and text-links and some popup/popunder ads.
support.pricemeter.net
88% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-23-21-218-182.compute-1.amazonaws.com  (23.21.218.182:80)

TCP (HTTP):
Connects to rc2.las.dmtracker.com  (69.64.147.242:80)

TCP (HTTP):
Connects to hosted-by.leaseweb.com  (198.7.59.26:80)

TCP (HTTP):
Connects to ec2-54-243-118-191.compute-1.amazonaws.com  (54.243.118.191:80)

TCP (HTTP):
Connects to ec2-184-73-193-19.compute-1.amazonaws.com  (184.73.193.19:80)

Remove pricemeter.exe - Powered by Reason Core Security