smilefiles_downloader.exe

SmileFiles Installer

Webitar Production Inc

The application smilefiles_downloader.exe by Webitar Production Inc has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software.
Publisher:
http://smile-files.com  (signed by Webitar Production Inc)

Product:
SmileFiles Installer

Version:
1, 0, 489, 1

MD5:
77913e32eed9cb91cd5118d13941ad5d

SHA-1:
e36fdc05af8377de67214c27f4e4e20b765c0e4b

SHA-256:
6b3d93e532471308fe2237f33b8761547f62f3f19e0982b7a5ac1cfad868813d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/14/2024 3:07:01 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.27.9

File size:
3.7 MB (3,882,648 bytes)

Product version:
1.0.0.1

Copyright:
Copyright http://smile-files.com (C) 2014

Original file name:
SmileFiles.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\smilefiles_downloader.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
11/10/2014 6:00:00 PM

Valid to:
11/15/2017 6:00:00 AM

Subject:
CN=Webitar Production Inc, O=Webitar Production Inc, L=Mahe, C=SC

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F9F8704E151CAFCFEFEECFBBA733C63

File PE Metadata
Compilation timestamp:
1/22/2015 8:14:02 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x43783E

Entry point:
E9, FF, AA, 07, 00, 80, F9, 57, 01, C7, E8, EF, 0E, 08, 00, 73, C2, A0, DE, F5, AD, 9A, 0F, 34, 80, C6, 14, EA, 11, 57, A4, 42, 32, 66, 96, 50, F4, 85, 53, 78, A5, 32, 95, 53, DF, 32, E0, 04, 28, C6, EE, 3D, 40, 92, 14, CB, CC, 50, DF, 5F, 0E, E9, 79, 2E, B7, B8, 86, 67, B8, 1C, F4, 99, 46, D9, E4, 5A, 48, 1D, FF, 82, ED, 27, 8A, 66, 94, 1E, 37, 54, D9, 8F, 60, AD, 88, 1B, 25, 1A, A9, 65, A7, 1F, 8F, 01, 04, 9A, 89, A4, DA, 3C, 76, F2, 7B, AE, 25, 72, 01, 1A, C6, C0, 33, 02, 92, 9A, 44, 4B, FA, 0A, 81, AE...
 
[+]

Entropy:
7.9951

Packer / compiler:
Xtreme-Protector v1.05

Code size:
932 KB (954,368 bytes)

Remove smilefiles_downloader.exe - Powered by Reason Core Security