SmdmFService.exe

SmdmF Service

Aztec Media inc.

The application SmdmFService.exe by Aztec Media inc. has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a Windows service named “SmdmF Service”. This file is typically installed with the program Assets Manager by Aztec Media inc., which is a potentially unwanted software program.
Publisher:
Aztec Media Inc  (signed by Aztec Media inc.)

Product:
SmdmF Service

Version:
5.0.0.16213

MD5:
89e7986f2800d4bd16662ffe0049acc2

SHA-1:
10eaad8f0a65a8458a152101ec73eaa44ee29586

SHA-256:
4a15b2bfc434f5925e9dc42488f76ecf319b6f0f7bad8b52ecf276bea31fa605

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/24/2024 6:29:46 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Bandoo (M)

Engine version:
16.11.8.19

File size:
3.1 MB (3,203,328 bytes)

Product version:
5.0.0.16213

Copyright:
Copyright (c) 2005 - 2015

Original file name:
SmdmFService.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\assets manager\smdmf\smdmfservice.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/1/2015 5:00:00 AM

Valid to:
2/2/2018 4:59:59 AM

Subject:
CN=Aztec Media inc., O=Aztec Media inc., L=Panama City, S=Panama City, C=PA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2AF6396322BF5B08910274FFE4241447

File PE Metadata
Compilation timestamp:
6/14/2015 3:08:45 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:r81TTbgKGYcs4qx27aNxIOoW8g9UNoW4SIsvFKzgWW2k4f5lj9/FP:dKrcs4qx2ONF9UiW4S/L4PH

Entry address:
0x147B14

Entry point:
E8, A4, AF, 00, 00, E9, 89, FE, FF, FF, 6A, 10, 68, F8, E7, 6A, 00, E8, A6, 84, 00, 00, 33, C0, 89, 45, E0, 89, 45, FC, 89, 45, E4, 8B, 45, E4, 3B, 45, 10, 7D, 13, 8B, 75, 08, 8B, CE, FF, 55, 14, 03, 75, 0C, 89, 75, 08, FF, 45, E4, EB, E5, C7, 45, E0, 01, 00, 00, 00, C7, 45, FC, FE, FF, FF, FF, E8, 08, 00, 00, 00, E8, AD, 84, 00, 00, C2, 14, 00, 83, 7D, E0, 00, 75, 11, FF, 75, 18, FF, 75, E4, FF, 75, 0C, FF, 75, 08, E8, 4D, F8, FF, FF, C3, 8B, FF, 55, 8B, EC, 83, EC, 20, 53, 57, 33, DB, 6A, 07, 33, C0, 59...
 

Entropy:
6.4023

Code size:
2.5 MB (2,599,424 bytes)

Service
Display name:
SmdmF Service

Service name:
SmdmFService

Description:
Serving SmdmF modules functionality

Type:
Win32OwnProcess, InteractiveProcess


The file SmdmFService.exe has been discovered within the following program.

Assets Manager  by Aztec Media inc.
Asset Manager is an adware web browser add-on that injects advertising into the user's browser and hijacks various browser settings such as the home page, search provider and new tab page. It is protected and difficult to remove.
80% remove it
 
Powered by Should I Remove It?
