How to remove A0037448.exe
- File Details
- Overview
- Analysis
A0037448.exe
The module A0037448.exe has been detected as Adware.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
8066c3ec9eb75f56b8adcacacf98ed86 |
| Size: |
1 MB |
| First Published: |
2017-06-08 13:12:22 (8 years ago) |
| Latest Published: |
2021-01-04 14:06:22 (4 years ago) |
| Status: |
Adware.Downloader (on last analysis) |
|
| Analysis Date: |
2021-01-04 14:06:22 (4 years ago) |
Overview
| %localappdata%\catalinagroup\citrio\application |
| %profile%\bd\local settings\application data\catalinagroup\citrio\application |
| %profile%\dministrateur\local settings\application data\catalinagroup\citrio\application |
| %sysdrive%\system volume information\_restore{707e28ae-030b-44df-b89d-07076ebdcb41}\rp269 |
| %localappdata%\catalinagroup\citrio |
| %profile%\wner\local settings\application data\catalinagroup\citrio |
| %sysdrive%\برامج\متصفحات جديدة |
| %sysdrive%\برامج\متصفحات جديدة\604kla821.rar |
| %profile%\дминистратор\local settings\application data\catalinagroup\citrio |
| %sysdrive%\мой wpi 14.09.2017\все browsera\citrio_50.0.2661.276.7z\citrio 50.0 |
| citrio.exe |
| A0037448.exe |
| citrio_IObitDel.exe |
| old_citrio.exe |
| Brazil |
17.2% |
|
| Thailand |
9.5% |
|
| Egypt |
8.9% |
|
| Taiwan |
5.9% |
|
| United States |
4.7% |
|
| Colombia |
4.7% |
|
| Poland |
3.6% |
|
| Libya |
3.0% |
|
| Saudi Arabia |
3.0% |
|
| Canada |
3.0% |
|
| Portugal |
3.0% |
|
| Spain |
2.4% |
|
| Vietnam |
2.4% |
|
| Jordan |
2.4% |
|
| China |
2.4% |
|
| Indonesia |
1.8% |
|
| Greece |
1.8% |
|
| Sweden |
1.8% |
|
| Russia |
1.8% |
|
| Denmark |
1.8% |
|
| Turkey |
1.2% |
|
| Argentina |
1.2% |
|
| Iran |
1.2% |
|
| Hungary |
1.2% |
|
| Morocco |
1.2% |
|
| Nicaragua |
1.2% |
|
| Syria |
1.2% |
|
| Mexico |
1.2% |
|
| Venezuela |
1.2% |
|
| Australia |
1.2% |
|
| Algeria |
0.6% |
|
| India |
0.6% |
|
| Belarus |
0.6% |
|
| Iraq |
0.6% |
|
| Mozambique |
0.6% |
|
| United Kingdom |
0.6% |
|
| Windows 7 |
45.0% |
|
| Windows 10 |
37.9% |
|
| Windows 8.1 |
12.4% |
|
| Windows XP |
4.1% |
|
| Windows 8 |
0.6% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0004d0f4 |
| Name |
Size of data |
MD5 |
| .text |
424960 |
9f9a2f6b2933feba0a8271756d36cecd |
| .rdata |
139776 |
769e62e109de4597751bc240409edcdd |
| .data |
7168 |
c64095a09e21549de00986194de01ae7 |
| .tls |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
487936 |
b286c2cd0c4c102d45ef70a38f550346 |
| .reloc |
18432 |
9eb03e71ac9207f4977b208d620e3449 |
