UltraAdwareKiller.exe

Ultra Adware Killer

Alfredo Anibal Santos Silva

This is a setup program which is used to install the application. The file has been seen being downloaded from indir.gezginler.net and multiple other hosts.
Publisher:
Carifred  (signed by Alfredo Anibal Santos Silva)

Product:
Ultra Adware Killer

Version:
4.3.0.0

MD5:
697124306a8ebc9bc61378631a7f84c5

SHA-1:
83b148c5f2d7e80d4a9da8cc3d291b2a39fb452c

SHA-256:
bfb5e18e167c1eb55320e918fc4a95694952589fff9351cf273c23144782d4a1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 1:06:58 AM UTC  (today)

File size:
1005.2 KB (1,029,344 bytes)

Product version:
4.3.0.0

Copyright:
Carifred © 2010 - 2016

Trademarks:
Carifred.com

Original file name:
UltraAdwareKiller.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\ultraadwarekiller.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
1/24/2016 10:00:00 PM

Valid to:
3/9/2019 8:59:59 PM

Subject:
CN=Alfredo Anibal Santos Silva, O=Alfredo Anibal Santos Silva, STREET=Résidence les angéliques, STREET=Rue du grand large, L=Port vendres, S=Languedoc - Roussillon, PostalCode=66660, C=FR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D028A36BBE4EC1B7FBF80D517A1B56C6

File PE Metadata
Compilation timestamp:
7/11/2016 6:01:11 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
24576:JlgJnG3oe8PMaMe6WLAtlow/ZENYcRTDIZc5OM1i8R1:JlgcoeZW0tmw/ZHcFIe5d1z

Entry address:
0x4D23C

Entry point:
48, 83, EC, 28, E8, 0F, 04, 00, 00, 48, 83, C4, 28, E9, 72, FE, FF, FF, CC, CC, E9, 1F, D6, 01, 00, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, C2, 48, 8D, 0D, ED, EB, 02, 00, 48, 89, 0B, 48, 8D, 53, 08, 33, C9, 48, 89, 0A, 48, 89, 4A, 08, 48, 8D, 48, 08, E8, 14, C4, 01, 00, 48, 8D, 05, FD, EB, 02, 00, 48, 89, 03, 48, 8B, C3, 48, 83, C4, 20, 5B, C3, CC, 33, C0, 48, 89, 41, 10, 48, 8D, 05, F3, EB, 02, 00, 48, 89, 41, 08, 48, 8D, 05, D8, EB, 02, 00, 48, 89, 01, 48, 8B, C1, C3, CC, 40, 53, 48, 83...
 
[+]

Code size:
487 KB (498,688 bytes)

The file UltraAdwareKiller.exe has been seen being distributed by the following 7 URLs.

http://indir.gezginler.net/i/34583/33343538335f323031362d31302d3239/.../

http://dl3.comss.ru/.../UltraAdwareKiller64.exe

https://downloader.disk.yandex.ua/disk/b79572a8ef64c84f245ab8b065e07dfdb4f6622ac4600cfdd5c25de0fbfb29c0/57c85510/.../x-msdownload&fsize=1180160&hid=46bf207ae2e9fe36074bd7c4bdb77297&media_type=executable&tknv=v2

http://indir.gezginler.net/i/34583/33343538335f323031362d30382d3136/.../

http://indir.gezginler.net/i/34583/33343538335f323031362d30382d3139/.../

Scan UltraAdwareKiller.exe - Powered by Reason Core Security