How to remove A0037470.dll
- File Details
- Overview
- Analysis
A0037470.dll
The module A0037470.dll has been detected as Adware.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
76b11ce2da3bd9513fe59d37f9e5a078 |
| Size: |
753 KB |
| First Published: |
2017-05-25 09:04:32 (7 years ago) |
| Latest Published: |
2021-10-24 20:30:09 (3 years ago) |
| Status: |
Adware.Downloader (on last analysis) |
|
| Analysis Date: |
2021-10-24 20:30:09 (3 years ago) |
Overview
| %localappdata%\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %profile%\bd\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %profile%\ser\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %profile%\annan6\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %sysdrive%\system volume information\_restore{707e28ae-030b-44df-b89d-07076ebdcb41}\rp269 |
| %localappdata%\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| %sysdrive%\system volume information\_restore{c52b72cc-fd71-4681-b415-f03a3112c2d4} |
| %profile%\enatual\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| %profile%\dministrador\configuración local\datos de programa\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| %localappdata%\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_1\binaries |
| msvcr100.dll |
| A0037470.dll |
| A0456495.dll |
|
26.5% |
|
|
8.1% |
|
|
5.1% |
|
|
5.1% |
|
|
5.1% |
|
|
4.4% |
|
|
4.4% |
|
|
3.7% |
|
|
2.9% |
|
|
2.9% |
|
|
2.2% |
|
|
2.2% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
| Windows 10 |
42.8% |
|
| Windows 7 |
34.1% |
|
| Windows 8.1 |
16.7% |
|
| Windows XP |
5.8% |
|
| Windows 8 |
0.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x78aa0000 |
| Entry Address: |
0x00011dfc |
| Name |
Size of data |
MD5 |
| .text |
726016 |
a41fe99e1b2295ad5b0bc3e1c7c52269 |
| .data |
19968 |
0e5379595c27b788686868df5dd4d72b |
| .rsrc |
1024 |
5c4027f8ee057b4eaf6a9a7116b65244 |
| .reloc |
19968 |
6af60de9f61bd6b3c3e712a738561125 |
