home

suc13_fileshredder.exe

MD5:
325472601571f31e1bf00674c368d335

SHA-1:
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

SHA-256:
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/12/2025 4:32:45 AM UTC  (today)

File size:
43 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\iobit\advanced systemcare 7\suc13_fileshredder.exe

File PE Metadata
OS bitness:
Win64

Linker version:
0.44

CTPH (ssdeep):
3:CUkwltxlHh/:P/

Entry address:
0x3B0001

Entry point:
47, 49, 46, 38, 39, 61, 01, 00, 01, 00, 80, 00, 00, FF, FF, FF, 00, 00, 00, 21, F9, 04, 01, 00, 00, 00, 00, 2C, 00, 00, 00, 00, 01, 00, 01, 00, 00, 02, 02, 44, 01, 00, 3B...
 
[+]

Entropy:
3.0315

ActiveX Install
Name:
{1CE17C82-8DE2-4EF6-ACF9-3A8B21830475}


The file suc13_fileshredder.exe has been discovered within the following programs.

Advanced SystemCare 7  by IObit
Publisher's description - “Advanced SystemCare 7 provides automated and all-in-one PC care service with Malware Removal, Registry Fix, Privacy Protection, Performance Tune-up, and System Cleaning capabilities.”
www.iobit.com/advancedsystemcarepro.php
27% remove it
Advanced SystemCare 8  by IObit
www.iobit.com
19% remove it
Roulette Bot Plus  by www.roulettebotplus.com
Publisher's description - “Roulette Bot Plus is the world's first fully automated software that analyzes the roulette game and then automatically bets for you. Roulette Bot Plus is an innovative product that is able to analyze the coups of the game in over 10 different online casinos.”
www.RouletteBotPlus.com
46% remove it
 
Powered by Should I Remove It?

The file suc13_fileshredder.exe has been seen being distributed by the following 10 URLs.

http://admaym.com/UserMatch.ashx?bidderid=45&bidderuid=8f535767-4057-4500-a9a3-888f6189e2f0

http://dt.adsafeprotected.com/dt?advEntityId=64223&asId=f688aa34-7621-1eb5-4cd5-ec414acc054b&tv={c:re5Hs5,pingTime:-2,time:2337,type:a,fc:0,rt:1,cb:0,np:1,th:0,es:0,sa:1,gm:0,fif:0,slTimes:{i:0,o:0,n:2338,pp:0,pm:0,gpp:0,gpm:0,gi:0,go:0,gn:2338,fi:0,fo:0,fn:2338},slEvents:[{sl:n,fsl:fn,gsl:gn,t:81,ac:NaN.NaN.0.0,am:undefined,cc:undefined,bkn:{piv:[2310~75],as:[2309~0.0]}}],slEventCount:1,em:true,fr:false,uf:0,e:,tt:rjss,dtt:0,pl:,sinceFw:2254,readyFired:true}&br=i

http://ml314.com/utsync.ashx?hop=1&eid=50112&et=0&return=http://.../ibs:dpid=22052&dpuuid=[PersonID]

https://mail.google.com/mail/u/.../?ui=2&ik=4788311b8d&view=att&th=14660e2b6ee2c039&attid=0.1&disp=safe&zw

http://www.microsoft.com/genuine/static/.../clear.gif

http://liverail2waycm-atl.netmng.com/blank.gif?redirect=http://.../?metric=csync&p=3016&s=(NM-UserID)

https://apps.skype.com/home/images/.../blank.gif

http://rt.udmserve.net/.../fetch.tg?ev255=a;dt=3;

http://csm2waycm-atl.netmng.com/.../

http://atemda.com/UserMatch.ashx?bidderid=40&bidderuid=b60ca17c-8904-4eff-9418-5c755db12847

Scan suc13_fileshredder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.