How to remove A0037461.dll
- File Details
- Overview
- Analysis
A0037461.dll
The module A0037461.dll has been detected as Adware.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
b8db96aa3460d5800f6033776ed5ad7d |
| Size: |
17 MB |
| First Published: |
2017-05-25 09:04:31 (7 years ago) |
| Latest Published: |
2021-10-24 20:27:31 (3 years ago) |
| Status: |
Adware.Downloader (on last analysis) |
|
| Analysis Date: |
2021-10-24 20:27:31 (3 years ago) |
Overview
| %localappdata%\catalinagroup\citrio\application\50.0.2661.275\pepperflash |
| %localappdata%\catalinagroup\citrio\application\50.0.2661.276\pepperflash |
| %profile%\bd\local settings\application data\catalinagroup\citrio\application\50.0.2661.276\pepperflash |
| %profile%\ser\local settings\application data\catalinagroup\citrio\application\50.0.2661.275\pepperflash |
| %profile%\dministrateur\local settings\application data\catalinagroup\citrio\application\50.0.2661.276\pepperflash |
| %sysdrive%\system volume information\_restore{707e28ae-030b-44df-b89d-07076ebdcb41}\rp269 |
| %localappdata%\catalinagroup\citrio\application\50.0.2661.275 |
| %localappdata%\catalinagroup\citrio\application\50.0.2661.276 |
| %sysdrive%\system volume information\_restore{c52b72cc-fd71-4681-b415-f03a3112c2d4} |
| %sysdrive%\برامج\متصفحات جديدة\citrioportable\50.0.2661.276 |
| pepflashplayer.dll |
| A0037461.dll |
| A0037446.dll |
| A0456486.dll |
|
17.9% |
|
|
8.0% |
|
|
7.1% |
|
|
6.3% |
|
|
4.5% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
2.7% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
| Windows 10 |
44.2% |
|
| Windows 7 |
36.3% |
|
| Windows 8.1 |
11.5% |
|
| Windows XP |
7.1% |
|
| Windows 8 |
0.9% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x10000000 |
| Entry Address: |
0x008584ed |
| Name |
Size of data |
MD5 |
| .text |
12893696 |
c85e1dbbfe1b3c30db5bca434213ab94 |
| .rodata |
4608 |
ad6a7b35eaeb57dfb888321e90e6cc1d |
| .rdata |
3600384 |
fc67ab2a769f2a1ddd7301ec5e6d6deb |
| .data |
816128 |
c5a689e24af3b3fbfd6c38ed407f6c78 |
| .tls |
512 |
8e3343efa9afc26ac6caf49228cbe049 |
| .gfids |
1024 |
b2c97d4331e92635beb40d9c6f12ac3b |
| .rsrc |
2560 |
48a831166a690e102f29baf0df90e25d |
| .reloc |
507904 |
d4983370ef9afe1aa6299d5fdc395aef |
