setup{7e6e0e6c-290f-4899-9a09-08736d12255b}.exe

Big Water Applications, LLC

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser as well as modify the computer’s system settings that control applications to run on startup. Part of the Injekt brand of unwanted programs. The application setup{7e6e0e6c-290f-4899-9a09-08736d12255b}.exe by Big Water Applications has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
UpdaterResponse  (signed by Big Water Applications, LLC)

Product:
UpdaterResponse

Version:
3, 0, 0, 1

MD5:
be7d21e11e0d0cede2022fd8d208d790

SHA-1:
d9f3699a52d548e9c49a2da4d940850d423641e0

SHA-256:
647e4378c000ae465ff10c893ffb33885bbff399bf3fb9b56735a484ab36623a

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:
12/25/2024 12:45:29 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Injekt (M)
16.11.23.12

File size:
1.1 MB (1,171,560 bytes)

Product version:
3, 0, 0, 1

Original file name:
response.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\setup{7e6e0e6c-290f-4899-9a09-08736d12255b}.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/21/2013 8:00:00 PM

Valid to:
4/22/2014 7:59:59 PM

Subject:
CN="Big Water Applications, LLC", O="Big Water Applications, LLC", STREET=640 Grand Ave, STREET=Suite E, L=Carlsbad, S=CA, PostalCode=92008, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0088DD6A4DF46D819C84B9E99D7A0530C5

File PE Metadata
Compilation timestamp:
11/22/2013 8:20:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:DklX47KbniJcTtd3DKymyzdeJefeCsi1X3iJR:QbniJpVyzdewfeCPir

Entry address:
0xBA859

Entry point:
E8, 36, F0, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24...
 
[+]

Entropy:
6.5937

Code size:
887 KB (908,288 bytes)