» se.exe
Overview
Analysis
File Details

se.exe

AVSoftware EOOD

The software installer uses the StartInstall.com download manager which bundles additional adware offers (toolbars and utilities such as the SafeSearch toolbar) during setup. The application se.exe by AVSoftware EOOD has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.

File name:

se.exe

Publisher:

AVSoftware EOOD (signed and verified)

MD5:

7431543837cf3d8f89e5cb0febca7662

SHA-1:

43ddfea5474a70c55c70ecd919cca89e2e6138b6

SHA-256:

6d109daf7d54de7ba6fff986d276c83e7c515f17c1dd0b55c65c07c6da99f14b

Scanner detections:

1 / 68

Status:

Adware

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

11/23/2024 3:47:41 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.SafeSearch.AVSoftware EOOD (M)

16.4.13.20

File size:

325.5 KB (333,296 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\safesearch\1_13\se.exe

Digital Signature

Signed by:

AVSoftware EOOD

Authority:

Symantec Corporation

Valid from:

12/31/2015 12:00:00 AM

Valid to:

6/4/2016 12:59:59 AM

Subject:

CN=AVSoftware EOOD, O=AVSoftware EOOD, L=Sofia, S=Sofia, C=BG

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

57ABCD2BCF9FD1CFD5A1BABF2579820E

File PE Metadata

Compilation timestamp:

4/13/2016 4:22:20 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:agyDD5RewIY8+MoaqEsbPlIu2vbyschj/v888888888888W88888888888B:Dw5RewJ7avCVwysCj/v888888888888r

Entry address:

0x3D794

Entry point:

55, 8B, EC, 83, C4, E4, 53, 56, 57, 33, C0, 89, 45, E4, 89, 45, E8, 89, 45, EC, B8, 64, AA, 43, 00, E8, F6, C3, FC, FF, 33, C0, 55, 68, 62, D9, 43, 00, 64, FF, 30, 64, 89, 20, B2, 01, A1, F4, 3B, 42, 00, E8, 18, 04, FF, FF, 8B, D8, 66, BA, 3D, 00, 8B, C3, E8, 43, FC, FE, FF, B2, 01, 8B, C3, E8, A6, FC, FE, FF, BA, BC, 4F, 44, 00, 33, C0, E8, 46, 6D, FC, FF, E8, E1, 6C, FC, FF, 8B, F0, 85, F6, 0F, 8E, 4A, 01, 00, 00, C7, 05, B0, 4F, 44, 00, 01, 00, 00, 00, 8D, 55, EC, A1, B0, 4F, 44, 00, E8, 20, 6D, FC, FF... 
[+]

Entropy:

6.4665

Developed / compiled with:

Microsoft Visual C++

Code size:

242.5 KB (248,320 bytes)

Remove se.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.