speedfixtoolplus.exe

Speed Fix Tool Plus

Interads, UAB

The application speedfixtoolplus.exe by Interads, UAB (described as “This installer database contains the logic and data required to install Speed Fix Tool Plus.”) has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from dkz3dn0anfnax.cloudfront.net and multiple other hosts.

Publisher:
FixBliss  (signed by Interads, UAB)

Product:
Speed Fix Tool Plus

Description:
This installer database contains the logic and data required to install Speed Fix Tool Plus.

Version:
3.0.2

MD5:
7db0a6f4133537ec3fd5418ffbc18957

SHA-1:
20fd8f8faabfb6d40db337ef3cf5c98194debf60

SHA-256:
9f0256d52f5d2e9d9bf71e81db911be41096aba4b89b2ae240acaf51ec3fd63f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/23/2024 2:18:23 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FixBliss.RegClean.Optional.Installer.Meta (L)

Engine version:
16.2.23.20

File size:
7.1 MB (7,470,792 bytes)

Product version:
3.0.2

Copyright:
Copyright (C) 2016 FixBliss

Original file name:
SpeedFixToolPlusSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\speedfixtoolplus.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
4/27/2015 5:00:00 PM

Valid to:
4/9/2017 4:59:59 PM

Subject:
CN="Interads, UAB", O="Interads, UAB", L=Kaunas, S=Kaunas, C=LT

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
6D385FBF6207159A583E3B1E8142BEB7

File PE Metadata
Compilation timestamp:
11/19/2015 4:24:58 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:cm9Wzeh1+uMczOlgHtidQQStBhcV2O0TTfmY2L+rpAdHGXOHVN+lcbe5sIexyWP:kzW1+uelgHwS3hHtX7yMmdm+CteP

Entry address:
0xC7B47

Entry point:
E8, 76, B2, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 53, 56, 8B, F1, 33, DB, 3B, F3, 75, 16, E8, D8, 3E, 00, 00, 6A, 16, 5E, 89, 30, E8, 3E, 62, 00, 00, 8B, C6, E9, B4, 00, 00, 00, 57, 39, 5D, 08, 77, 16, E8, BC, 3E, 00, 00, 6A, 16, 5E, 89, 30, E8, 22, 62, 00, 00, 8B, C6, E9, 97, 00, 00, 00, 33, C9, 39, 5D, 10, 66, 89, 0E, 0F, 95, C1, 41, 39, 4D, 08, 77, 09, E8, 95, 3E, 00, 00, 6A, 22, EB, D7, 8B, 4D, 0C, 83, C1, FE, 83, F9, 22, 77, C5, 8B, CE, 39, 5D, 10, 74, 0E, 6A, 2D, 59, 33, DB, 66, 89, 0E, 43...
 

Entropy:
7.8106  (probably packed)

Code size:
1 MB (1,069,056 bytes)

The file speedfixtoolplus.exe has been seen being distributed by the following 2 URLs.
