secure.exe

Secure Browser

Safer Technologies LLC

The application secure.exe by Safer Technologies has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Secure Browser by Safer Technologies LLC which is a potentially unwanted software program. While running, it connects to the Internet address 201-217-205-234-host.ifx.net.co on port 443.
Publisher:
Safer Technologies LLC  (signed and verified)

Product:
Secure Browser

Version:
55.1.2883.373

MD5:
ca38a69072d416ea14b1aa34c3c2fbcb

SHA-1:
3d3c145d99ccb11ac5b6aac3274ecbdc8a013102

SHA-256:
4bfb99d18e034d3cc70621e0d39a9a88bf74bd2fcfc0500e0ebff2548ae260b1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:32:28 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.SafeBrowser (L)

Engine version:
17.1.8.21

File size:
859.4 KB (879,992 bytes)

Product version:
55.1.2883.373

Copyright:
(c) 2016 Safer Technologies LLC

Original file name:
secure.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\safer technologies\secure browser\application\secure.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
5/4/2016 1:00:00 AM

Valid to:
11/3/2018 11:59:59 PM

Subject:
CN=Safer Technologies LLC, O=Safer Technologies LLC, L=Wilmington, S=Delaware, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
522AD06C00D636D11A6494D34695FDCF

File PE Metadata
Compilation timestamp:
1/1/2017 8:08:11 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x4CB53


Entropy:
6.5151

Code size:
533 KB (545,792 bytes)

Shell Open Command
Open type:
http

Command:
"C:\Program Files\safer technologies\secure browser\application\secure.exe" -- "%1"


The file secure.exe has been discovered within the following program.

Secure Browser  by Safer Technologies LLC
www.securebrowser.com
About 62% of users remove it
 

The executing file has been seen to make the following network communications in live environments.
