home

update76222.exe

SimpleFiles Installer

Fasters INC

The application update76222.exe by Fasters INC has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the SimpleFiles installer. It is also typically executed from the user's temporary directory.
Publisher:
New Monte Inc  (signed by Fasters INC)

Product:
SimpleFiles Installer

Version:
1, 0, 604, 1

MD5:
022a557ad3baa82da97c84c467da6648

SHA-1:
ce2870dc8855b943a8583a8b484da396ad98b63e

SHA-256:
208df36935a0820bd21307c7679e7c1472a319e0fe6d5539fe24dcc7cc208430

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/15/2024 2:26:43 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.16.11

File size:
4 MB (4,145,976 bytes)

Product version:
1.0.0.1

Copyright:
Copyright http://simple-files.com (C) 2014

Original file name:
SimpleFilesInstaller.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SimpleFiles

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\update76222.exe

Digital Signature
Signed by:
Fasters INC

Authority:
Fasters INC

Valid from:
2/9/2015 6:04:04 AM

Valid to:
2/9/2016 6:04:04 AM

Subject:
CN=fasters.com, O=Fasters INC, S=London, C=UK

Issuer:
CN=fasters.com, C=UK, S=London, L=London, E=admin@fasters.com, O=Fasters INC

Serial number:
100001

File PE Metadata
Compilation timestamp:
3/23/2015 7:03:44 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x81BF4C

Entry point:
60, 9C, C7, 44, 24, 20, 28, A8, 0E, 1B, E8, 35, ED, FF, FF, 8D, 64, 24, 0C, E8, 9F, 54, CE, FF, 66, F7, D9, 01, 45, E0, E8, 7F, 74, C5, FF, 8D, 64, 24, 10, 0F, 86, 66, 52, C5, FF, 66, 87, F9, 8B, 7A, 24, 8D, 99, B0, 80, 59, 91, 01, C7, 66, FF, CB, 66, 0F, BA, F1, 04, D2, FD, 8B, 5A, 20, E9, 11, C5, FF, FF, E8, AB, E4, C6, FF, 50, 01, 73, F1, A6, 5B, F0, 6B, A5, 7F, 24, 15, F9, 45, C2, 87, BC, 5D, 04, C0, D1, 46, 3D, F4, 97, 6F, A5, 33, 60, 50, BF, EB, 70, 92, 70, 50, 01, 78, E3, 61, 59, A7, 5B, F0, 6C, 8E...
 
[+]

Entropy:
7.9351  (probably packed)

Code size:
1000.5 KB (1,024,512 bytes)

Remove update76222.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.