tmp0000000500797375ba47c69e

Compete Cookie Retriever

Compete Inc

The file tmp0000000500797375ba47c69e by Compete Inc has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Compete, Inc.  (signed by Compete Inc)

Product:
Compete Cookie Retriever

Version:
3.2.0.314

MD5:
2e2a067a917afb13382a4d9226beaad4

SHA-1:
690a4a4a5bd72345082bf813dd26a477d3e51c81

SHA-256:
9173ad37e7970a1d53cfd71d2b6d72c45bb7077f3e536ad69141900ac5cde205

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/23/2024 8:01:00 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Compete (M)

Engine version:
16.10.25.11

File size:
512 KB (524,288 bytes)

Product version:
3.2.0.1330

Copyright:
(c) Compete, Inc. All rights reserved.

Original file name:
cookie-retriever.exe

Language:
English (United States)

Common path:
C:\windows\temp\tmp0000000500797375ba47c69e

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
12/21/2014 7:00:00 PM

Valid to:
3/22/2018 7:59:59 PM

Subject:
CN=Compete Inc, O=Compete Inc, L=Boston, S=Massachusetts, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0A6DDD60D9E6C4FAA56565923F8669C2

File PE Metadata
Compilation timestamp:
3/1/2016 11:18:59 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:SZMHaCyYT6WqWw3bNRTtI6BJNChA10VZiLoE0MC:kM6PY2lWAzTtI6BJ461UiLo

Entry address:
0x6BB4

Entry point:
48, 83, EC, 28, E8, 2F, 83, 00, 00, 48, 83, C4, 28, E9, 76, FE, FF, FF, CC, CC, 40, 53, 48, 83, EC, 40, 48, 8B, D9, EB, 0F, 48, 8B, CB, E8, CD, 83, 00, 00, 85, C0, 74, 13, 48, 8B, CB, E8, 01, 56, 00, 00, 48, 85, C0, 74, E7, 48, 83, C4, 40, 5B, C3, 8B, 05, A0, B5, 01, 00, 41, B8, 01, 00, 00, 00, 48, 8D, 1D, C3, 18, 01, 00, 41, 84, C0, 75, 39, 41, 0B, C0, 48, 8D, 54, 24, 58, 48, 8D, 0D, 67, B5, 01, 00, 89, 05, 79, B5, 01, 00, 48, 8D, 05, 72, 1F, 01, 00, 48, 89, 44, 24, 58, E8, 00, F8, FF, FF, 48, 8D, 0D, E1...
 

Entropy:
2.3800

Code size:
90.5 KB (92,672 bytes)
