seo_indexer.exe

GSA SEO Indexer

GSA Gesellschaft fur Softwareentwicklung und Analytik GmbH

The application seo_indexer.exe, “GSA SEO Indexer Setup ” by GSA Gesellschaft fur Softwareentwicklung und Analytik GmbH has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from seo-indexer.gsa-online.de.
Publisher:
GSA Software   (signed by GSA Gesellschaft fur Softwareentwicklung und Analytik GmbH)

Product:
GSA SEO Indexer

Description:
GSA SEO Indexer Setup

MD5:
63997b6fb8558303a9961b560d1b7cd5

SHA-1:
58f67a83ab5e98b9f344383eac99a2181f905f2d

SHA-256:
33ca51d35b2db29e1858497dd75ddea6bb3addcbc5d6bf3acf028af57aed0ab6

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
11/15/2024 11:45:55 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore.CSH (L)
17.1.7.15

File size:
11 MB (11,569,568 bytes)

Product version:
1.74

Copyright:
© 2014 GSA Software

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\seo_indexer.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/13/2013 3:00:00 AM

Valid to:
9/14/2014 2:59:59 AM

Subject:
CN=GSA Gesellschaft fur Softwareentwicklung und Analytik GmbH, O=GSA Gesellschaft fur Softwareentwicklung und Analytik GmbH, STREET=Dierkower Damm 29, L=Rostock, S=Outside United States, PostalCode=18146, C=DE

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00EE9F4F863949418525912298776243DB

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
[+]

Entropy:
7.9998

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file seo_indexer.exe has been seen being distributed by the following URL.

http://seo-indexer.gsa-online.de/.../seo_indexer.exe

Remove seo_indexer.exe - Powered by Reason Core Security