rocket.exe

Rocket

Fast Browsers

The application rocket.exe has been detected as adware by 12 anti-malware scanners. This file is typically installed with the program Rocket by Fast Browsers which is a potentially unwanted software program. While running, it connects to the Internet address edge-atlas-shv-01-lht6.facebook.com on port 443.
Publisher:
Fast Browsers

Product:
Rocket

Version:
31.0.1650.23

MD5:
5c79af8aaf163689a9da8be99a35f5c7

SHA-1:
1ef66af9a883db8b493454b2dc745955b62d5ba4

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
11/26/2024 10:20:14 PM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.Generic.12750616 | 695
avast! | Win32:Dropper-gen [Drp] | 2014.9-140625
Baidu Antivirus | Hacktool.Win32.ADInstaller | 4.0.3.15311
Bitdefender | Trojan.Generic.12750616 | 1.0.20.350
Emsisoft Anti-Malware | Trojan.Generic.12750616 | 8.15.03.11.01
F-Secure | Trojan.Generic.12750616 | 11.2015-11-03_4
G Data | Trojan.Generic.12750616 | 15.3.25
Kaspersky | not-a-virus:RiskTool.Win32.ADInstaller | 14.0.0.2362
MicroWorld eScan | Trojan.Generic.12750616 | 16.0.0.210
Panda Antivirus | Generic Suspicious | 15.03.11.01
Qihoo 360 Security | Win32/Trojan.Dropper.c9f | 1.0.0.1015
Reason Heuristics | Threat.Win.Reputation | 14.7.24.22

File size:
990.5 KB (1,014,272 bytes)

Product version:
31.0.1650.23

Copyright:
Copyright 2013 Fast Browsers. All rights reserved.

Original file name:
rocket.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Application data\rocket\application\rocket.exe

File PE Metadata
Compilation timestamp:
6/17/2014 2:32:20 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:Pxakzp4FSSLEtVpNWiJHCj+0DfFWOwvmyAOoe5NK0TjukP60lNg2HYBjtJR1FvOQ:ZPmJjzQOwvmyPocoegINdKjzFloWy

Entry address:
0x47242

Entry point:
E8, 58, B2, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, FC, 32, 46, 00, 57, FF, 35, 74, 35, 49, 00, FF, D6, FF, 35, 70, 35, 49, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, AE, B2, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, E6, 44, 00, 00, 59, 59, 85, C0, 75, 16, 8D, 43, 10, 3B, C3, 72, 3E, 50, FF, 75, FC, E8...
 

Entropy:
5.9291

Code size:
392 KB (401,408 bytes)

Shell Open Command
Open type:
ftp

Command:
"C:\Documents and Settings\{user}\Application data\rocket\application\rocket.exe" -- "%1"


The file rocket.exe has been discovered within the following program.

Rocket by Fast Browsers
Rocket from Fast Browsers is an advertisement-supported web browser based on the Chromium open source project (Chrome) that displays web browser ads and uses search-based monetization.
About 60% of users remove it
 

The executing file has been seen to make the following network communications in live environments.
