searcher.exe

Artex Management S. A.

The application searcher.exe by Artex Management S. A. has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup program used to install the application. The file is typically installed with the program Searcher and is typically executed from the user's temporary directory. It has been seen being downloaded from syscos18.ru and multiple other hosts.
Publisher:
Artex Management S. A.  (signed and verified)

Version:
1.0.0.0

MD5:
ca5a6add7ace7ab6e50b0b02a21da52c

SHA-1:
73c11ffcd2d707c4761487d04ae27604a7210dbd

SHA-256:
36fefc7ba12ef26d585d440f2a3ac68e00f1691056b87714797f654387e2cd95

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 6:49:33 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ArtexManagementSA (M)

Engine version:
15.8.17.19

File size:
5.3 MB (5,604,416 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\searcher.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/3/2014 3:00:00 AM

Valid to:
10/4/2015 2:59:59 AM

Subject:
CN=Artex Management S. A., OU=Software Development, O=Artex Management S. A., STREET="50th Street , Global Plaza Tower, 19th Floor, Suite H", L=Panama City, PostalCode=12800, C=PA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00DDAF970527F5B24C6E53754F76D21CC3

File PE Metadata
Compilation timestamp:
8/13/2015 8:41:22 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:+bkm+hxvSMTj9UVGqNN/IegzFCoMWQaALnSTEEkh5SDl5UCym8S83a76KkTSgjj3:+EIHN/IeZomzFrSvoD26HD

Entry address:
0x394540

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 70, 6B, 78, 00, E8, 57, B1, C7, FF, 33, C0, 55, 68, C7, 45, 79, 00, 64, FF, 30, 64, 89, 20, 8B, 0D, F8, 30, 7B, 00, A1, 8C, 37, 7B, 00, 8B, 00, 8B, 15, A0, F7, 77, 00, E8, E5, 3A, E5, FF, 8D, 55, EC, B8, 01, 00, 00, 00, E8, 24, 29, C7, FF, 8B, 45, EC, BA, E0, 45, 79, 00, E8, 5B, 6C, C7, FF, 74, 0E, A1, F8, 30, 7B, 00, 8B, 00, E8, 5D, DD, FE, FF, EB, 0C, A1, F8, 30, 7B, 00, 8B, 00, E8, AF, E2, FE, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, CE, 45, 79, 00, 8D, 45...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
3.6 MB (3,745,792 bytes)

The file searcher.exe has been discovered within the following program.

Searcher  by Searcher
About 1% of users remove it
 

The file searcher.exe has been seen being distributed by the following 2 URLs.
