» slc.exe
Overview
Analysis
File Details

slc.exe

Adpeak, Inc.

This is the instaler for an an Adpeak program that shows ads in the browser without providing information about the ad's origin. Ads are injected as banners or text-links in random web pages. The application slc.exe by Adpeak has been detected as adware by 8 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from an Internet Explorer cache folder.

File name:

slc.exe

Publisher:

Adpeak, Inc. (signed and verified)

MD5:

eea0ec99a7ecadf7f8dac7f920652bf4

SHA-1:

f44869870fa3dd827999a996c724ec9c71ece361

SHA-256:

1da5acd08c2e51f5a2944b0b8bf733a0d749253ad320a662a7ca8da61da9843a

Scanner detections:

8 / 68

Status:

Adware

Explanation:

Injects advertisements in the web browser in the form or banner ads and popups.

Analysis date:

11/23/2024 10:59:33 AM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/AdWare.Adpeak (variant)

7.9164

herdProtect (fuzzy)

variant of ptnr_20131120.exe (Adware)

2013.12.20.17

K7 AntiVirus

Unwanted-Program

13.174.10484

Malwarebytes

Adware.AdPeak

v2013.12.20.05

Reason Heuristics

PUP.Adpeak.D

14.8.7.17

Sophos

AdPeak

4.95

Trend Micro House Call

TROJ_GEN.F47V1114

7.2.320

VIPRE Antivirus

Adware.Adpeak

23592

File size:

540.9 KB (553,880 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\slc.exe

Digital Signature

Signed by:

Adpeak, Inc.

Authority:

DigiCert Inc

Valid from:

7/17/2013 5:00:00 PM

Valid to:

9/24/2014 5:00:00 AM

Subject:

CN="Adpeak, Inc.", O="Adpeak, Inc.", L=Sarasota, S=Florida, C=US

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0E4C86026B3F1F3BDBEDF4DA58E8FF09

File PE Metadata

Compilation timestamp:

7/14/2013 1:09:53 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:hiMOUC0cKDpdh4RphM6H/jpiQa/dFWmTzjFuV+u2nETUo89vHRnR+/E:zOUncKDqR06Gl9TzjFEMvZR+/E

Entry address:

0x31DD

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 14, C7, 44, 24, 10, D8, A2, 40, 00, 89, 6C, 24, 1C, FF, 15, 34, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, 34, 81, 40, 00, 55, FF, 15, AC, 82, 40, 00, 6A, 08, A3, 58, 4F, 43, 00, E8, 95, 2E, 00, 00, A3, A4, 4E, 43, 00, 55, 8D, 44, 24, 34, 68, B4, 02, 00, 00, 50, 55, 68, B8, B1, 42, 00, FF, 15, 7C, 81, 40, 00, 68, C0, A2, 40, 00, 68, A0, 3E, 43, 00, E8, 00, 2B, 00, 00, FF, 15, 38, 81, 40, 00, BB, 00, F0, 43, 00, 50, 53, E8, EE, 2A, 00, 00... 
[+]

Entropy:

7.9725

Packer / compiler:

Nullsoft install system v2.x

Code size:

24.5 KB (25,088 bytes)

Remove slc.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.