Run.exe

Run

Superfish Inc.

The application Run.exe by Superfish has been detected as adware by 18 anti-malware scanners.
Publisher:
Superfish, Inc.  (signed by Superfish Inc.)

Product:
Run

Description:
Run

Version:
1, 0, 0, 1

MD5:
98abceea301a9f266f31ea4cabe30486

SHA-1:
ba74f32719aa524845f0858e1ed603863873b304

SHA-256:
ba21ac1d552a207166e2336497aeb4046443128262ed74ed49806a491a819787

Scanner detections:
18 / 68

Status:
Adware

Analysis date:
12/25/2024 8:58:27 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Superfish.B
712

Avira AntiVirus
Adware/SuperFish.B.5
7.11.212.24

AVG
Superfish.4d6
2016.0.3190

Bitdefender
Adware.Superfish.B
1.0.20.270

Dr.Web
Adware.Superfish.1
9.0.1.054

Emsisoft Anti-Malware
Adware.Superfish
8.15.02.23.12

ESET NOD32
Win32/Adware.SuperFish (variant)
9.11216

F-Secure
Adware.Superfish.B
11.2015-23-02_2

G Data
Adware.Superfish
15.2.25

IKARUS anti.virus
AdWare.SuperFish
t3scan.1.8.6.0

K7 AntiVirus
Trojan
13.197.15043

Malwarebytes
PUP.Optional.SuperFish
v2015.02.23.12

MicroWorld eScan
Adware.Superfish.B
16.0.0.162

Qihoo 360 Security
Trojan.Generic
1.0.0.1015

Reason Heuristics
PUP.Superfish
15.3.1.9

Sophos
Generic PUA LK
4.98

Trend Micro House Call
TROJ_GEN.R0CCC0OBM15
7.2.54

VIPRE Antivirus
Superfish
37806

File size:
56.3 KB (57,688 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2011

Original file name:
Run.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\lenovo\visualdiscovery\run.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
7/28/2013 8:00:00 PM

Valid to:
7/27/2014 7:59:59 PM

Subject:
CN=Superfish Inc., O=Superfish Inc., L=Grandville, S=Michigan, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3E32431476CFB3E1F90955B25396A6F4

File PE Metadata
Compilation timestamp:
5/12/2014 12:33:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
768:aKkeHrJRSLy0rMqO4uu+uDX2oqNGn7vnrzrwHsmXPoIUzX:OebSLO0+yfqSEsmXgIEX

Entry address:
0x3073

Entry point:
55, 8B, EC, 6A, FF, 68, 28, 81, 40, 00, 68, 30, 4F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 20, 80, 40, 00, 33, D2, 8A, D4, 89, 15, B8, B5, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, B4, B5, 40, 00, C1, E1, 08, 03, CA, 89, 0D, B0, B5, 40, 00, C1, E8, 10, A3, AC, B5, 40, 00, 33, F6, 56, E8, F9, 1D, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, C4, 1A, 00, 00, FF, 15, 1C, 80, 40, 00, A3, D8, BA, 40, 00, E8...
 
[+]

Entropy:
4.8957

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
28 KB (28,672 bytes)

Remove Run.exe - Powered by Reason Core Security