spotflux-latestpc.exe

Spotflux, Inc

The application spotflux-latestpc.exe, “This installer database contains the logic and data required to install Spotflux.” by Spotflux, Inc has been detected as a potentially unwanted program by 4 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. The file has been seen being downloaded from www.djylabrugynufrag.net and multiple other hosts.
Publisher:
Spotflux  (signed by Spotflux, Inc)

Product:
Spotflux

Description:
This installer database contains the logic and data required to install Spotflux.

Version:
2.10.1.34

MD5:
d98f84490426cbf3f1589e1d79bc9a5f

SHA-1:
1ded41d1568ab2d7ab8c6475f9b91f4fe198ee6c

SHA-256:
5bbc318decac04b5a45d9be39ea345631b5874654c298828b632ca14b30cbae6

Scanner detections:
4 / 68

Status:
Potentially unwanted

Explanation:
Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:
12/29/2024 10:38:18 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Adware.Conduit.6
9.0.1.072

ESET NOD32
Win32/Toolbar.Conduit
8.9539

Trend Micro House Call
TROJ_GEN.F47V0311
7.2.72

VIPRE Antivirus
Conduit
27344

File size:
10.8 MB (11,365,224 bytes)

Product version:
2.10.1.34

Copyright:
Copyright (C) 2014 Spotflux

Original file name:
spotflux-installer-2.10.1.34.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\spotflux-latestpc.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/14/2013 3:00:00 AM

Valid to:
3/17/2015 2:59:59 AM

Subject:
CN="Spotflux, Inc", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Spotflux, Inc", L=New York, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
787B156DBE2C603B1C32E7122CF5A030

File PE Metadata
Compilation timestamp:
2/10/2014 1:29:26 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:W1n1Seg8ijYsnOaPpIBbSvKyN3BGxeg8ijYsnOaPxIBbSMKyNdBA:8gLnOaPpIBmvKy2YgLnOaPxIBmMKyG

Entry address:
0xB888A

Entry point:
E8, D9, C9, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 7F, FB, FF, FF, 83, C4, 14, 5D, C3, E8, 26, 0C, 00, 00, 8B, 48, 6C, 3B, 0D, B8, A0, 52, 00, 74, 10, 8B, 0D, D0, 9F, 52, 00, 85, 48, 70, 75, 05, E8, 12, 17, 00, 00, A1, B8, 93, 52, 00, C3, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 44, 24, 0C, 53, 85, C0, 74, 52, 8B, 54, 24, 08, 33, DB, 8A, 5C, 24, 0C, F7, C2, 03, 00, 00, 00, 74, 16, 8A, 0A, 83, C2, 01, 32, CB, 74, 72, 83, E8, 01, 74, 32, F7...
 
[+]

Entropy:
7.4255

Code size:
948 KB (970,752 bytes)

The file spotflux-latestpc.exe has been seen being distributed by the following 2 URLs.

Remove spotflux-latestpc.exe - Powered by Reason Core Security