savepathdeals.dll

Savepath Deals

The module savepathdeals.dll by Savepath Deals has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Savepath Deals which is a potentially unwanted software program.
Publisher:
Savepath Deals  (signed and verified)

Product:
Savepath Deals

Version:
1.0.0.1

MD5:
533e1b87ef44f077b585c432e9d18b5b

SHA-1:
0e1d075776c8c103a70d622e774c4bd996d37de5

SHA-256:
a5e704b83c9429e3b1eca39515093a1ca9c2c8c74ffdfad0ce1323fdf8abcb01

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 2:46:35 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SavepathDeals (M)
15.10.29.8

File size:
1.8 MB (1,871,640 bytes)

Product version:
1.0.0.1

Copyright:
Savepath Deals

Original file name:
couponsapp.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\savepath deals\savepathdeals.dll

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/16/2013 8:00:00 PM

Valid to:
5/17/2014 7:59:59 PM

Subject:
CN=Savepath Deals, O=Savepath Deals, STREET=2526 W Macarthur blvd, STREET=UNIT G, L=Santa Ana, S=CA, PostalCode=92704, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0080BC518A6FEE7C80D4DA50F0F5EEB4DA

File PE Metadata
Compilation timestamp:
5/20/2013 10:46:49 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:Pq4/AL0HXFWiJWimH8HYTV1xfMCeilOJrBj0m23PyoDrRJ5KZjhq59XDVMEocaMJ:Pd/ALAWjimH84TV1xfMCLlOJrBj0m23l

Entry address:
0x10DEF7

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, A7, BB, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 66, 8B, 08, 83, C0, 02, 66, 85, C9, 75, F5, 2B, 45, 08, D1, F8, 48, 5D, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, A0, 51, 18, 10, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24...
 
[+]

Entropy:
6.6078

Code size:
1.2 MB (1,273,344 bytes)

The file savepathdeals.dll has been discovered within the following program.

Savepath Deals  by Savepath Deals
Publisher's description - “Download and install our small browser add-on to get started. Don't worry our app is free and only shows minimal ads that won't get in the way. If you want to remove our app at anytime you can uninstall it.”
www.savepathdeals.com
64% remove it
 
Powered by Should I Remove It?

Remove savepathdeals.dll - Powered by Reason Core Security