qtraxsetup.exe

Qtrax

Qtrax Inc

The application qtraxsetup.exe, “Qtrax Description Text” by Qtrax Inc has been detected as a potentially unwanted program by 9 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the Solimba download manager to push adware offers during the download and setup process. Bundled adware includes search and shopping web browser toolbars.
Publisher:
Qtrax Inc  (signed and verified)

Product:
Qtrax

Description:
Qtrax Description Text

Version:
20.13.06.24

MD5:
3debd504cbaf2e1d2927901cf144f6a7

SHA-1:
799198ccea02ff6fcc693f244c4bfa75747d7d62

SHA-256:
df81ddc23401c6ecc3041b68fb109677c545d7b181b7cf2160f5f9bb590d2abc

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Uses the Solimba installer to bundle adware offers.

Analysis date:
11/26/2024 11:28:33 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/Solimba.Gen4
7.11.195.230

avast!
Win32:Trojan-gen
2014.9-141229

ESET NOD32
Win32/FirseriaInstaller (variant)
8.10881

IKARUS anti.virus
AdWare.BundleApp
t3scan.1.8.5.0

K7 AntiVirus
Unwanted-Program
13.187.14339

Kaspersky
not-a-virus:Downloader.Win32.Morstar
14.0.0.2723

Malwarebytes
PUP.Optional.Solimba
v2014.12.29.08

Reason Heuristics
PUP.Optional.Installer.K
14.12.29.8

VIPRE Antivirus
Trojan.Win32.Generic
35756

File size:
10.2 MB (10,657,904 bytes)

Copyright:
Author © 2013

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\qtraxsetup.exe

Digital Signature
Signed by:

Authority:
GoDaddy.com, Inc.

Valid from:
12/3/2014 6:32:48 PM

Valid to:
12/3/2016 6:32:48 PM

Subject:
CN=Qtrax Inc, O=Qtrax Inc, L=New York, S=New York, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B7DD3914B4B2A

File PE Metadata
Compilation timestamp:
10/7/2014 5:40:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:6aC3+KxmRIOJvhRPv02QZM5vSCI6nD3QMWBCgz6E245rW/wdeocWcR/q:FC3+fRIkhR02Qq5v3DWBCO6Ea/wde35q

Entry address:
0x321A

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 09, A3, F8, 1F, 7A, 00, E8, C0, 2D, 00, 00, A3, 44, 1F, 7A, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, F8, D4, 79, 00, FF, 15, 64, 71, 40, 00, 68, E4, 91, 40, 00, 68, 40, 17, 7A, 00, E8, 6A, 2A, 00, 00, FF, 15, B0, 70, 40, 00, BD, 00, 80, 7A, 00, 50, 55, E8, 58, 2A...
 
[+]

Entropy:
7.9998

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Remove qtraxsetup.exe - Powered by Reason Core Security