updateravingreyven.exe

raving reyven

This file is part of the Yontoo web browser plugin, which delivers advertisements to the web browser in the form of injected banners, text links, popups, etc. The updater mechanism for raving reyven automatically keeps the extension patched by downloading new functionality, which is auto-enabled by default. The application updateravingreyven.exe by raving reyven has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.
Publisher:
raving reyven  (signed and verified)

Version:
1.0.5566.3761

MD5:
58e5e6e06f675b57f1e7718555bdc929

SHA-1:
1d84f1cf268eb89d621e6d1a7554e77d2752fb6e

SHA-256:
0348f5f62d87697c7e2eccefdcdf0f65a97fdc45b9792508920d9ef0e140e965

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Part of the Yontoo adware web browser extension update process.

Analysis date:
11/14/2024 2:42:45 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Yontoo

Engine version:
17.2.23.17

File size:
398.7 KB (408,312 bytes)

Product version:
1.0.5566.3761

Original file name:
ravingreyven2015032910.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\raving reyven\updateravingreyven.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/6/2015 1:00:00 AM

Valid to:
3/7/2016 12:59:59 AM

Subject:
CN=raving reyven, O=raving reyven, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
094C56C6055F28A2B936E967B7AE9397

File PE Metadata
Compilation timestamp:
3/29/2015 12:05:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x6367A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
390 KB (399,360 bytes)