ultimatespeedtester.exe

UltimateSpeedTester

The executable ultimatespeedtester.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘UltimateSpeedTester’. This file is typically installed with the program UltimateSpeedTester - Ultimate Speed Tester for Desktop by UltimateSpeedTester. While running, it connects to the Internet address bam-6.nr-data.net on port 443.
Publisher:
UltimateSpeedTester  (signed and verified)

MD5:
cededf3045aabcb47dfc740a8b8a4b26

SHA-1:
cd3c15a540ac9a5756940cf54707115097463c42

SHA-256:
01efff43f36388e323b86c0df889896d329e70275ee5cc123a7e51fab6484a06

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/25/2024 5:22:13 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.2.14

File size:
47.3 MB (49,612,680 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\ultimatespeedtester\ultimatespeedtester.exe

Digital Signature
Authority:
UltimateSpeedTester

Valid from:
12/24/2015 2:07:28 PM

Valid to:
12/21/2025 2:07:28 PM

Subject:
CN=UltimateSpeedTester, O=UltimateSpeedTester, S=Some-State, C=US

Issuer:
CN=UltimateSpeedTester, O=UltimateSpeedTester, S=Some-State, C=US

Serial number:
00D9492C315FD8655A

File PE Metadata
Compilation timestamp:
2/20/2016 8:43:51 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:XuK9C64r1c7VQZgnUrurLpbH05yL5dsuUQq6+4UYOkdOXQBwxwN:+wC64r1c6ZgnUSrLpbUAdBUQq6/BLVMO

Entry address:
0x1C9A031

Entry point:
E8, 5A, 3A, 01, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 55, 0C, A1, 20, A8, EC, 02, F7, D2, 8B, 4D, 08, 23, D0, 23, 4D, 0C, 0B, D1, 89, 15, 20, A8, EC, 02, 5D, C3, E8, 09, 21, 00, 00, 85, C0, 74, 08, 6A, 16, E8, CC, 21, 00, 00, 59, F6, 05, 20, A8, EC, 02, 02, 74, 21, 6A, 17, E8, D9, 20, 60, 00, 85, C0, 74, 05, 6A, 07, 59, CD, 29, 6A, 01, 68, 15, 00, 00, 40, 6A, 03, E8, A9, F8, FF, FF, 83, C4, 0C, 6A, 03, E8, 16, FC, FF, FF, CC, 55, 8B, EC, 8D, 45, 18, 50, 6A, 00, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75...
 
[+]

Entropy:
6.9395

Code size:
34.9 MB (36,634,112 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
UltimateSpeedTester

Command:
C:\users\{user}\appdata\roaming\ultimatespeedtester\ultimatespeedtester.exe su


The file ultimatespeedtester.exe has been discovered within the following program.

About 4% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to a104-101-242-194.deploy.static.akamaitechnologies.com  (104.101.242.194:443)

TCP (HTTP SSL):
Connects to bam-6.nr-data.net  (162.247.242.18:443)

TCP (HTTP SSL):
Connects to a2-16-31-65.deploy.akamaitechnologies.com  (2.16.31.65:443)

TCP (HTTP SSL):
Connects to a104-101-238-86.deploy.static.akamaitechnologies.com  (104.101.238.86:443)

Remove ultimatespeedtester.exe - Powered by Reason Core Security