silent.exe

The application silent.exe has been detected as a potentially unwanted program by 16 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer, however the file is not signed with an authenticode signature from a trusted source. By plugging into the web browser, this extension will inject advertisements both banner and context hyperlinks based on the web sites being visited. It can be installed from the program's website or it may be bundled by third-party software installation programs.
MD5:
5c552083a73c2cf11b117b637d8dcac7

SHA-1:
3ead96cdba45b2abdc3250be4cd73de108849081

SHA-256:
96e90b89b9caf8b3f989f13d9a30fcf27001bb82a385e054e85361834689222f

Scanner detections:
16 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
12/24/2024 3:18:00 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Pasta.yrz
8.3.1.6

Baidu Antivirus
Trojan.NSIS.StartPage
4.0.3.1678

Comodo Security
UnclassifiedMalware
22243

ESET NOD32
NSIS/StartPage.CB
10.11680

K7 AntiVirus
Trojan
13.204.16013

Kaspersky
Trojan.Win32.Pasta
14.0.0.-63

Malwarebytes
PUP.Optional.WebCake
v2016.07.08.01

McAfee
Artemis!5C552083A73C
5600.6344

NANO AntiVirus
Trojan.Win32.Pasta.dgyqdw
0.30.24.1636

Norman
Malware
11.20160708

Panda Antivirus
Trj/Chgt.A
16.07.08.01

Qihoo 360 Security
Win32/Trojan.c2c
1.0.0.1015

Quick Heal
Trojan.Pasta.r5
7.16.14.00

Sophos
Mal/Generic-S
4.98

Vba32 AntiVirus
Trojan.Pasta
3.12.26.4

VIPRE Antivirus
Trojan.Win32.Generic
40542

File size:
850.5 KB (870,894 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\silent.exe

File PE Metadata
Compilation timestamp:
7/14/2013 3:09:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:6MxPaOZ+RTTlO8+sC0moKMxT8Rrl853PS0iykk:Bxig688+sC0BPxKrl4S0uk

Entry address:
0x310B

Entry point:
81, EC, 84, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 90, 91, 40, 00, 89, 5C, 24, 20, C6, 44, 24, 14, 20, FF, 15, 34, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 8C, 72, 40, 00, 6A, 08, A3, 58, EC, 42, 00, E8, 73, 2D, 00, 00, A3, A4, EB, 42, 00, 53, 8D, 44, 24, 38, 68, 60, 01, 00, 00, 50, 53, 68, E0, 8F, 42, 00, FF, 15, 64, 71, 40, 00, 68, 80, 91, 40, 00, 68, A0, E3, 42, 00, E8, 1D, 2A, 00, 00, FF, 15, 1C, 71, 40, 00, BD, 00, 40, 43, 00, 50, 55, E8, 0B, 2A...
 
[+]

Entropy:
7.9554

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file silent.exe has been seen being distributed by the following URL.

Remove silent.exe - Powered by Reason Core Security