supertela-ptbr.exe

SMART INSTALLER LLC

The application supertela-ptbr.exe by SMART INSTALLER has been detected as adware by 12 anti-malware scanners. It is a setup program used to install the application. The file has been observed being downloaded from www.supertela.tv.

Publisher:
SMART INSTALLER LLC (signed and verified)

Version:
1.0.3

MD5:
6f36f9f2a422c660d63f63a8a500a78f

SHA-1:
08aaf9cfeb1268df12b6a0109478987a41ede559

SHA-256:
0604e15713541944f6746be95c5595d86fd973e9f1073dac09da468f39778b8f

Scanner detections:
12 / 68

Status:
Adware

Analysis date:
11/27/2024 8:41:36 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Strictor.67301 | 827 |
| AegisLab AV Signature | AdWare.MSIL.DomaIQ | 2.1.4+ |
| AVG | Generic | 2015.0.3305 |
| Baidu Antivirus | Adware.Win32.CNBTech | 4.0.3.141030 |
| Bitdefender | Gen:Variant.Adware.Strictor.67301 | 1.0.20.1515 |
| Bkav FE | HW32.Packed | 1.3.0.6185 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Strictor.67301 | 8.14.10.30.02 |
| ESET NOD32 | Win32/AdWare.CNBTech (variant) | 8.10644 |
| F-Secure | Gen:Variant.Adware.Strictor.67301 | 11.2014-30-10_5 |
| G Data | Gen:Variant.Adware.Strictor.67301 | 14.10.24 |
| Quick Heal | (Suspicious) - DNAScan | 10.14.14.00 |
| Reason Heuristics | PUP.SMARTINSTALLER.O | 14.10.30.14 |

File size:
961.5 KB (984,560 bytes)

Product version:
1.0.3

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\vnbu3qgj\supertela-ptbr.exe

Digital Signature
Authority:
Starfield Technologies, Inc.

Valid from:
10/2/2014 12:31:12 PM

Valid to:
7/23/2015 1:42:49 PM

Subject:
CN=SMART INSTALLER LLC, O=SMART INSTALLER LLC, L=Lewes, S=Delaware, C=US

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
27FC25AC69E196

File PE Metadata
Compilation timestamp:
10/23/2014 2:33:40 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:98KPgmz4HyJVy4227ZjWnJO+Doh6zZNhLIV8ounRDcenbqtCqtWTrWrtQFB8FIL9:yG/m7G69BomZqYcUrIA/TBj7

Entry address:
0x21E000

Entry point:
55, 89, E5, 81, C5, 04, 00, 00, 00, 83, ED, 04, 87, 2C, 24, 5C, 89, 34, 24, 53, 89, E3, 81, C3, 04, 00, 00, 00, 81, EB, 04, 00, 00, 00, 87, 1C, 24, 5C, 89, 04, 24, 50, 89, E0, 05, 04, 00, 00, 00, 2D, 04, 00, 00, 00, 87, 04, 24, 5C, 89, 1C, 24, E8, 01, 00, 00, 00, CC, 8B, 04, 24, 55, 89, E5, 81, C5, 04, 00, 00, 00, 83, C5, 04, 87, 2C, 24, 5C, 68, 83, 79, 00, 00, 89, 04, 24, 5B, 57, BF, 01, 00, 00, 00, 01, F8, 5F, 50, 89, 34, 24, BE, 00, 40, 0C, 00, 29, F0, 5E, 2D, 43, 00, 17, 0B, 05, 00, 00, 17, 0B, 80, 3B...
 
Code size:
229.5 KB (235,008 bytes)

The file supertela-ptbr.exe has been seen being distributed by the following URL.
