slc.exe

Adpeak, Inc.

This is the instaler for an an Adpeak program that shows ads in the browser without providing information about the ad's origin. Ads are injected as banners or text-links in random web pages. The application slc.exe by Adpeak has been detected as adware by 8 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from an Internet Explorer cache folder.
Publisher:
Adpeak, Inc.  (signed and verified)

MD5:
eea0ec99a7ecadf7f8dac7f920652bf4

SHA-1:
f44869870fa3dd827999a996c724ec9c71ece361

SHA-256:
1da5acd08c2e51f5a2944b0b8bf733a0d749253ad320a662a7ca8da61da9843a

Scanner detections:
8 / 68

Status:
Adware

Explanation:
Injects advertisements in the web browser in the form or banner ads and popups.

Analysis date:
12/25/2024 1:01:45 AM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/AdWare.Adpeak (variant)
7.9164

herdProtect (fuzzy)
2013.12.20.17

K7 AntiVirus
Unwanted-Program
13.174.10484

Malwarebytes
Adware.AdPeak
v2013.12.20.05

Reason Heuristics
PUP.Adpeak.D
14.8.7.17

Sophos
AdPeak
4.95

Trend Micro House Call
TROJ_GEN.F47V1114
7.2.320

VIPRE Antivirus
Adware.Adpeak
23592

File size:
540.9 KB (553,880 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\slc.exe

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
7/17/2013 5:00:00 PM

Valid to:
9/24/2014 5:00:00 AM

Subject:
CN="Adpeak, Inc.", O="Adpeak, Inc.", L=Sarasota, S=Florida, C=US

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0E4C86026B3F1F3BDBEDF4DA58E8FF09

File PE Metadata
Compilation timestamp:
7/14/2013 1:09:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:hiMOUC0cKDpdh4RphM6H/jpiQa/dFWmTzjFuV+u2nETUo89vHRnR+/E:zOUncKDqR06Gl9TzjFEMvZR+/E

Entry address:
0x31DD

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 08, A3, 58, 4F, 43, 00, E8, 95, 2E, 00, 00, A3, A4, 4E, 43, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, B8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, A0, 3E, 43, 00, E8, 00, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, EE, 2A, 00, 00...
 
[+]

Entropy:
7.9725

Packer / compiler:
Nullsoft install system v2.x

Code size:
24.5 KB (25,088 bytes)

Remove slc.exe - Powered by Reason Core Security