home

skateboardcitysetup_ch.exe

NCIS Technologies Limited

The application skateboardcitysetup_ch.exe by NCIS Technologies Limited has been detected as a potentially unwanted program by 25 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. Part of RelevantKnowledge, a program typically installed via a software bundle (with the user's knowledge should they read the EULA) and will run in the background collecting and monitoring information about the user's behavior in order to build an extensive profile.
Publisher:
NCIS Technologies Limited  (signed and verified)

MD5:
a0a0c32b00b985addb78c3e9be73a8cf

SHA-1:
4c1f7e794c0f1255b17de4895f2050c73093bd2c

SHA-256:
b7eeba4ded045c23960997bd48a318283bb2f784784375a7fdd811260bbd15e1

Scanner detections:
25 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 10:09:58 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Relevant.BH
273

Agnitum Outpost
Adware.MarketScore
7.1.1

Avira AntiVirus
ADWARE/Adware.Gen
8.3.2.4

Arcabit
Adware.Relevant.BH
1.0.0.642

avast!
Win32:PUP-gen [PUP]
2014.9-160507

AVG
Skodna.Generic_c
2017.0.2751

Baidu Antivirus
Adware.Win32.RK
4.0.3.1657

Bitdefender
Adware.Relevant.BH
1.0.20.640

Clam AntiVirus
W32S.Adware.RelevantKnowledge-2
0.98/21511

Comodo Security
ApplicUnwnt.Win32.AdWare.RK.~E
23966

Dr.Web
Adware.Relevant.119
9.0.1.0128

Emsisoft Anti-Malware
Adware.Relevant.BH
8.16.05.07.09

ESET NOD32
Win32/Adware.MarketScore
10.12860

F-Secure
Adware.Relevant.BH
11.2016-07-05_7

G Data
Adware.Relevant.BH
16.5.25

IKARUS anti.virus
Trojan.Crypt
t3scan.1.9.5.0

Malwarebytes
PUP.Optional.RKN
v2016.05.07.09

MicroWorld eScan
Adware.Relevant.BH
17.0.0.384

NANO AntiVirus
Trojan.Win32.Relevant.crgfum
1.0.14.5380

nProtect
Adware.Relevant.BH
16.01.13.02

Rising Antivirus
PE:Malware.Generic/QRS!1.9E2D [F]
23.00.65.16505

Sophos
RelevantKnowledge (PUA)
4.98

Total Defense
Win32/Tnega.VONTJF
37.1.62.1

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.4

VIPRE Antivirus
Adware.Win32.RelevantKnowledge.a
46472

File size:
493.8 KB (505,648 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\skateboardcitysetup_ch.exe

Digital Signature
Signed by:
NCIS Technologies Limited

Authority:
Thawte, Inc.

Valid from:
12/14/2011 6:00:00 PM

Valid to:
12/14/2012 5:59:59 PM

Subject:
CN=NCIS Technologies Limited, O=NCIS Technologies Limited, L=Wilmington, S=Delaware, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
085CF6F3312A433B1D49A8C12B31A107

File PE Metadata
Compilation timestamp:
12/5/2009 4:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:Bg6OLe75lrj0eFrggMlwcdr0zAWpph6UPMF1:G6Ue75NxNObdzQh1MF1

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9630

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

Remove skateboardcitysetup_ch.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.