searchlite_sl25.exe

WooJung ITS

The application searchlite_sl25.exe by WooJung ITS has been detected as a potentially unwanted program by 36 anti-malware scanners.
Publisher:
WooJung ITS  (signed and verified)

Version:
1, 0, 0, 2

MD5:
1c3ac50841109421c850ee098c379b73

SHA-1:
855e17f16523512370c7c960fe6933f5e8bf15ac

SHA-256:
296a7da43474a7cc7a61d72107fb9d87f6cc26e3fb71344b3b1cec244a440b42

Scanner detections:
36 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 12:03:46 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Kazy.34232
321

Agnitum Outpost
Adware.BonusCash
7.1.1

AhnLab V3 Security
PUP/Win32.SearchLite
2014.07.16

Avira AntiVirus
SPR/Tool.110736
7.11.160.254

avast!
Win32:PUP-gen [PUP]
2014.9-160320

AVG
Win32/DH{gRKBE0ETAFg4NSAlEnYudw9l}
2017.0.2799

Bitdefender
Gen:Variant.Adware.Kazy.34232
1.0.20.400

Bkav FE
W32.Clod305.Trojan
1.3.0.4959

Comodo Security
Heur.Suspicious
18866

Dr.Web
Trojan.DownLoader9.53960
9.0.1.080

Emsisoft Anti-Malware
Gen:Variant.Adware.Kazy.34232
8.16.03.20.12

ESET NOD32
Win32/Adware.BonusCash.AB (variant)
10.10102

Fortinet FortiGate
Adware/BonusCash
3/20/2016

F-Secure
Gen:Variant.Adware.Kazy.34232
11.2016-20-03_1

G Data
Gen:Variant.Adware.Kazy.34232
16.3.24

IKARUS anti.virus
not-a-virus:AdWare.Win32.SideTab
t3scan.1.6.1.0

K7 AntiVirus
Riskware
13.180.12733

Kaspersky
not-a-virus:AdWare.Win32.SideTab
14.0.0.490

Malwarebytes
Trojan.Downloader
v2016.03.20.12

McAfee
Generic PUP.t
5600.6455

MicroWorld eScan
Gen:Variant.Adware.Kazy.34232
17.0.0.240

NANO AntiVirus
Trojan.Win32.DownLoader3.zyqef
0.28.2.60881

Norman
Suspicious_Gen2.GRJWL
11.20160320

nProtect
Trojan-Clicker/W32.SideTab_Packed.110736
14.07.15.01

Panda Antivirus
Trj/Genetic.gen
16.03.20.12

Qihoo 360 Security
Win32/Trojan.7e4
1.0.0.1015

Quick Heal
Adware.Bonuscash (Not a Virus)
3.16.14.00

Rising Antivirus
PE:Trojan.Win32.Generic.1269686B!308897899
23.00.65.16318

Sophos
Generic PUA IF
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-BonusCash
9255

Trend Micro House Call
ADW_BONUSCASH
7.2.80

Trend Micro
ADW_BONUSCASH
10.465.20

Vba32 AntiVirus
AdWare.SideTab
3.12.26.3

VIPRE Antivirus
Trojan.Win32.Generic
31316

ViRobot
Adware.SideTab.110736.A
2011.4.7.4223

Zillya! Antivirus
Adware.SideTab.Win32.100
2.0.0.1859

File size:
108.1 KB (110,736 bytes)

Product version:
1, 0, 0, 2

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\searchlite_sl25.exe

Digital Signature
Signed by:

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/26/2010 9:00:00 AM

Valid to:
3/27/2011 8:59:59 AM

Subject:
CN=WooJung ITS, O=WooJung ITS, L="Gangnam-gu ", S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
4D2AAB16F6D4B6BBA36AE03604B21FA9

File PE Metadata
Compilation timestamp:
12/28/2010 11:34:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:W59jiykIZ553vHn1tezm3H/V1QR28JgjAMDY83x1DOzqnz:I9WW5VvbR3H4RDJgjAGXB1Dv

Entry address:
0x4FD10

Entry point:
60, BE, 00, 70, 43, 00, 8D, BE, 00, A0, FC, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.8599

Packer / compiler:
UPX 2.90LZMA

Code size:
100 KB (102,400 bytes)

Remove searchlite_sl25.exe - Powered by Reason Core Security