How to remove A0015009.exe
- File Details
- Overview
- Analysis
A0015009.exe
The module A0015009.exe has been detected as PUP.Toolbar
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
e6ff05b8d18e70135311df1976f4805a |
| Size: |
2 MB |
| First Published: |
2017-06-20 14:06:07 (8 years ago) |
| Latest Published: |
2024-11-15 23:01:04 (9 months ago) |
| Status: |
PUP.Toolbar (on last analysis) |
|
| Analysis Date: |
2024-11-15 23:01:04 (9 months ago) |
Overview
| Signed By: |
Crawler Group, LLC |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %programfiles%\spyware terminator\tools |
| %sysdrive%\windows.old.000\program files (x86)\spyware terminator\tools |
| %sysdrive%\system volume information\_restore{115a6895-6e26-46ed-ab4e-4cfd2c2141b8}\rp36 |
| %commonappdata%\martau\total uninstall 6\backup\spyware terminator 2015.analyzed.zip\c:\program files (x86)\spyware terminator\tools |
| %programfiles%\spyware terminator |
| %sysdrive%\archivos de programa\spyware terminator |
| %sysdrive%\system volume information\_restore{586871f4-d9cc-4f9f-9fa0-5fea4b89a97f} |
| %sysdrive%\system volume information\_restore{83e9558c-6427-438e-8170-58877fd8ff61} |
| %programfiles%\~spyware terminator |
| %commonappdata%\spyware terminator\shared |
| analyzefile.exe |
| A0015009.exe |
| A0138168.exe |
| A0005738.exe |
| A0039634.exe |
| A0117173.exe |
| Poland |
18.9% |
|
| Russia |
16.9% |
|
| Czech Republic |
12.3% |
|
| Brazil |
9.3% |
|
| Italy |
3.7% |
|
| Ukraine |
3.7% |
|
| Hungary |
3.3% |
|
| Spain |
3.3% |
|
| Indonesia |
2.7% |
|
| Turkey |
2.7% |
|
| Germany |
2.7% |
|
| Israel |
1.7% |
|
| United States |
1.7% |
|
| Serbia |
1.7% |
|
| Taiwan |
1.3% |
|
| Saudi Arabia |
1.3% |
|
| Slovakia |
1.0% |
|
| Argentina |
1.0% |
|
| Peru |
1.0% |
|
| United Kingdom |
0.7% |
|
| Thailand |
0.7% |
|
| Belarus |
0.7% |
|
| Netherlands |
0.7% |
|
| Belgium |
0.7% |
|
| France |
0.7% |
|
| Ecuador |
0.7% |
|
| Australia |
0.7% |
|
| Colombia |
0.7% |
|
| Sweden |
0.3% |
|
| Armenia |
0.3% |
|
| Japan |
0.3% |
|
| Austria |
0.3% |
|
| Croatia |
0.3% |
|
| Romania |
0.3% |
|
| Finland |
0.3% |
|
| Paraguay |
0.3% |
|
| Estonia |
0.3% |
|
| Chile |
0.3% |
|
| Moldova |
0.3% |
|
| Mexico |
0.3% |
|
| Windows 10 |
50.8% |
|
| Windows 7 |
33.3% |
|
| Windows 8.1 |
10.6% |
|
| Windows XP |
3.6% |
|
| Windows Vista |
0.7% |
|
| Windows Server 2003 |
0.7% |
|
| Windows 8 |
0.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x001fc4e4 |
| Name |
Size of data |
MD5 |
| .text |
2071040 |
b3f444e7c9df1d1348539492bc844fed |
| .itext |
5632 |
95b7ed50b0549d18a3cab89aab62c087 |
| .data |
37888 |
0e2675a05cb8d9e6801f356131499cfa |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
16384 |
cc8f09f07fc6a020601b9ef90514148c |
| .didata |
3072 |
1398e2d39582abde768ad047f234085d |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
512 |
fc7dfdf91d33a60ffecfe2e9806f86c7 |
| .reloc |
182784 |
223ae32c38ab5fbe65aafaac35c4d700 |
| .rsrc |
324096 |
010c0dd05a427122502bf7187ce7b69c |
