home

PrimePC.exe

PrimePC

Adwill Communications Co., LTD.

The application PrimePC.exe by Adwill Communications Co. has been detected as a potentially unwanted program by 7 anti-malware scanners.
Publisher:
애드윌커뮤니케이션즈  (signed by Adwill Communications Co., LTD.)

Product:
PrimePC

Description:
PrimePC 프로그램

Version:
1.0.0.0

MD5:
6ea0320877bc5c3ea06ab991383d588e

SHA-1:
406ea6adab629b5cdc49dd733855d9b476238f8d

SHA-256:
832313e712e3cf2864465b277d4716be19443a3bba99754ccc87573ce1d3e985

Scanner detections:
7 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 8:33:15 PM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.Helper
2015.04.09

Bkav FE
W32.HfsAdware
1.3.0.7237

Dr.Web
Trojan.Adkor.204
9.0.1.0313

McAfee
Artemis!6EA0320877BC
5600.6586

Reason Heuristics
PUP.Optional.AdwillCommunicationsCo
15.11.9.14

Trend Micro House Call
Suspicious_GEN.F47V0701
7.2.313

VIPRE Antivirus
Trojan.Win32.Generic!SB.0
31710

File size:
4.5 MB (4,739,784 bytes)

Product version:
1.0.0.0

Copyright:
Copyright ⓒ 애드윌커뮤니케이션즈 All Rights Reserved.

Original file name:
PrimePC.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\primepc\primepc.exe

Digital Signature
Signed by:
Adwill Communications Co., LTD.

Authority:
GlobalSign nv-sa

Valid from:
4/11/2014 2:20:38 PM

Valid to:
5/17/2015 3:15:46 PM

Subject:
CN="Adwill Communications Co., LTD.", OU=Dev Team, O="Adwill Communications Co., LTD.", L=Guro-gu, S=Seoul, C=KR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112124D894DD2342DADF6A97FAFAF674D5D3

File PE Metadata
Compilation timestamp:
5/6/2015 10:54:46 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:i+tlSHk0l9aSOgN9ViXSsdGzHsJ8kaGKHgCT0ozjPKJcvLeQIWR:i+uHkqVPOGu8kaGKAEPKJcvLeQIWR

Entry address:
0x28E2F4

Entry point:
55, 8B, EC, B9, 1F, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, B8, 78, 0D, 68, 00, E8, 7D, DC, D7, FF, 33, C0, 55, 68, C1, EB, 68, 00, 64, FF, 30, 64, 89, 20, A1, 84, B9, 69, 00, 8B, 00, E8, C3, CB, EB, FF, A1, 84, B9, 69, 00, 8B, 00, 33, D2, E8, D5, E8, EB, FF, A1, 84, B9, 69, 00, 8B, 00, C6, 40, 5F, 00, A1, 84, B9, 69, 00, 8B, 00, BA, DC, EB, 68, 00, E8, 91, C5, EB, FF, E8, 70, 66, D7, FF, 85, C0, 0F, 8E, 74, 06, 00, 00, 89, 45, E4, C7, 05, F0, 1C, 6C, 00, 01, 00, 00, 00, 8D, 55, DC, A1, F0, 1C, 6C...
 
[+]

Entropy:
6.2051

Developed / compiled with:
Microsoft Visual C++

Code size:
2.6 MB (2,676,736 bytes)

Remove PrimePC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.