How to remove A0015011.exe
- File Details
- Overview
- Analysis
A0015011.exe
The module A0015011.exe has been detected as PUP.Toolbar
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
6e4771ecf33f2767bfd87c4381f1fe77 |
| Size: |
2 MB |
| First Published: |
2017-06-20 14:06:06 (7 years ago) |
| Latest Published: |
2024-11-15 23:01:03 (6 months ago) |
| Status: |
PUP.Toolbar (on last analysis) |
|
| Analysis Date: |
2024-11-15 23:01:03 (6 months ago) |
Overview
| Signed By: |
Crawler Group, LLC |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %programfiles%\spyware terminator\tools |
| %sysdrive%\windows.old.000\program files (x86)\spyware terminator\tools |
| %sysdrive%\system volume information\_restore{115a6895-6e26-46ed-ab4e-4cfd2c2141b8}\rp36 |
| %commonappdata%\martau\total uninstall 6\backup\spyware terminator 2015.analyzed.zip\c:\program files (x86)\spyware terminator\tools |
| %programfiles%\spyware terminator |
| %sysdrive%\archivos de programa\spyware terminator |
| %sysdrive%\system volume information\_restore{586871f4-d9cc-4f9f-9fa0-5fea4b89a97f} |
| %sysdrive%\system volume information\_restore{83e9558c-6427-438e-8170-58877fd8ff61} |
| %programfiles%\~spyware terminator |
| %commonappdata%\spyware terminator\shared |
| defsyssettings.exe |
| A0015011.exe |
| A0138169.exe |
| A0005740.exe |
| A0039635.exe |
| A0117171.exe |
|
19.0% |
|
|
17.0% |
|
|
12.0% |
|
|
9.3% |
|
|
3.7% |
|
|
3.7% |
|
|
3.3% |
|
|
3.3% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.7% |
|
|
1.3% |
|
|
1.3% |
|
|
1.0% |
|
|
1.0% |
|
|
1.0% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
| Windows 10 |
51.0% |
|
| Windows 7 |
33.1% |
|
| Windows 8.1 |
10.6% |
|
| Windows XP |
3.6% |
|
| Windows Vista |
0.7% |
|
| Windows Server 2003 |
0.7% |
|
| Windows 8 |
0.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00234448 |
| Name |
Size of data |
MD5 |
| .text |
2301952 |
3b864be083161dce6306227adb2993c5 |
| .itext |
5632 |
2959639dbd36d6be4f998615daf2ac91 |
| .data |
37888 |
e38196439d6f8f907b1bc562f1c8ef18 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
16384 |
1f7ef5dea3a0a0917131e0b8fd8a65f2 |
| .didata |
3072 |
cf19295fcdf7f4454c6563148d056f21 |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
512 |
b928a3d8ecfa984b91314ffb8c42b8fd |
| .reloc |
195072 |
623a9775ca67589bcda08d1fa33f40a2 |
| .rsrc |
379904 |
5be06c4dd1f450ea54b9e45045554737 |
