home

giant-savings_row.exe

Giant Savings

Amazing Apps

This is the installer application for a 50onRed advertising supported software package (displays ads in the browser and may hijack the home and search pages of the web browser). The application giant-savings_row.exe, “Giant Savings Installer” by Amazing Apps has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Install System installer.
Publisher:
215 Apps  (signed by Amazing Apps)

Product:
Giant Savings

Description:
Giant Savings Installer

Version:
1.18.149.149

MD5:
1e415b655f6b7296aa1cdb593aa3afa1

SHA-1:
8c2156f8075354c921a1efdb55037317e23a0f73

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
5/17/2024 1:27:33 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.50OnRed (M)
17.2.28.10

File size:
1.9 MB (2,022,263 bytes)

Copyright:
Copyright 215 Apps

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\giant-savings_row.exe

Digital Signature
Signed by:
Amazing Apps

Authority:
Thawte, Inc.

Valid from:
5/1/2012 2:00:00 AM

Valid to:
5/2/2013 1:59:59 AM

Subject:
CN=Amazing Apps, O=Amazing Apps, L=Philadelphia, S=Pennsylvania, C=US

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2E307885017928B61D4F2CEF5EB10A05

File PE Metadata
Compilation timestamp:
1/5/2010 1:09:32 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

Entry address:
0x4044

Entry point:
BB, 6F, BC, 97, 27, 93, E9, 20, 01, 00, 00, 75, 1B, 7E, 7A, 26, AA, 7E, 7A, 06, 5E, 1A, FE, FE, 7E, FE, FE, 03, FE, FE, FE, 5D, 2F, 34, 2F, 2E, 2F, 37, 35, 34, FE, FE, FE, 72, 5F, 78, 63, 60, 5F, 6B, 5F, 2C, 62, 6A, 6A, FE, FE, FE, FE, 5A, FE, FE, FE, 44, 70, 63, 63, 4A, 67, 60, 70, 5F, 70, 77, FE, 41, 70, 63, 5F, 72, 63, 42, 67, 70, 63, 61, 72, 6D, 70, 77, 3F, FE, FE, FE, FE, 45, 63, 72, 55, 67, 6C, 62, 6D, 75, 71, 42, 67, 70, 63, 61, 72, 6D, 70, 77, 3F, FE, FE, FE, FE, 45, 63, 72, 4B, 6D, 62, 73, 6A, 63...
 
[+]

Code size:
33 KB (33,792 bytes)

Remove giant-savings_row.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.