smartweb_u.exe

SmartWeb

SoftBrain Technologies Ltd.

The application smartweb_u.exe, “SoftBrain Technologies Ltd. - Price Comparison” by SoftBrain Technologies has been detected as a potentially unwanted program by 20 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.smart-web.me.
Publisher:
SoftBrain Technologies Ltd.  (signed and verified)

Product:
SmartWeb

Description:
SoftBrain Technologies Ltd. - Price Comparison

Version:
8.0.3.6

MD5:
f933945e0b4b2f4576879050bd46ca47

SHA-1:
75f22d7ff02f673838fc3f763496ef8dd84f1aaa

SHA-256:
8b9767cf4f2429315a45aabc8fb147e0acae4a2fdd1cf78c6a2332a9fdc4449b

Scanner detections:
20 / 68

Status:
Potentially unwanted

Explanation:
Displays offers (for product and services) of certain deals related to the search terms or context of a webpage which are popups outside the normal browser content.

Analysis date:
11/23/2024 8:12:01 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.Agent.PCE
693

Agnitum Outpost
Riskware.Agent
7.1.1

Avira AntiVirus
ADWARE/Adware.Gen7
7.11.205.220

AVG
Generic
2016.0.3171

Bitdefender
Adware.Agent.PCE
1.0.20.360

Comodo Security
ApplicUnwnt.Win32.AdWare.PriceGong.~A
20886

Emsisoft Anti-Malware
Adware.Agent.PCE
8.15.03.13.03

ESET NOD32
Win32/PriceGong
9.11092

F-Secure
Adware.Agent.PCE
11.2015-13-03_6

G Data
Adware.Agent.PCE
15.3.25

IKARUS anti.virus
PUA.PriceGong
t3scan.1.8.6.0

K7 AntiVirus
Trojan
13.193.14791

Malwarebytes
PUP.Optional.SmartWeb.A
v2015.03.13.03

McAfee
Artemis!F933945E0B4B
5600.6827

MicroWorld eScan
Adware.Agent.PCE
16.0.0.216

nProtect
Adware.Agent.PCE
15.01.29.01

Reason Heuristics
PUP.Installer.SoftBrainTechnologies
15.4.24.0

Sophos
Generic PUA OD
4.98

Trend Micro House Call
Suspicious_GEN.F47V0104
7.2.72

VIPRE Antivirus
Trojan.Win32.Generic
37072

File size:
738 KB (755,680 bytes)

Product version:
8.0.3

Copyright:
SoftBrain Technologies Ltd.

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\smartweb_u.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/23/2014 7:00:00 PM

Valid to:
2/24/2015 6:59:59 PM

Subject:
CN=SoftBrain Technologies Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SoftBrain Technologies Ltd., L=Or Yehuda, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
53F07650CBBFA5BC97F5276104D31164

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:akMv0YHH7L4knKvvFU0fy5VlW7FAtyExhuxJRoSPNEWHHKv0YHH7fVWQk:vMvpnHnqi02k7FAtTniJRkvpnxWJ

Entry address:
0x30FA

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Entropy:
7.9601

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file smartweb_u.exe has been seen being distributed by the following URL.

Remove smartweb_u.exe - Powered by Reason Core Security