How to remove A0037476.exe
- File Details
- Overview
- Analysis
A0037476.exe
The module A0037476.exe has been detected as Adware.Downloader
File Details
| MD5: |
172df1071ac18005e08f2c8ddcfc20ab |
| Size: |
3 MB |
| First Published: |
2017-05-25 09:04:27 (8 years ago) |
| Latest Published: |
2025-03-30 23:01:40 (8 months ago) |
| Status: |
Adware.Downloader (on last analysis) |
|
| Analysis Date: |
2025-03-30 23:01:40 (8 months ago) |
Overview
| %localappdata%\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %profile%\bd\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %profile%\annan6\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries\win |
| %sysdrive%\system volume information\_restore{707e28ae-030b-44df-b89d-07076ebdcb41}\rp269 |
| %localappdata%\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| %sysdrive%\system volume information\_restore{c52b72cc-fd71-4681-b415-f03a3112c2d4} |
| %profile%\enatual\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| %profile%\dministrador\configuraciĆ³n local\datos de programa\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| %localappdata%\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_1\binaries |
| %profile%\ous\local settings\application data\catalinagroup\citrio\user data\default\extensions\dcagnhpbnggmbihndfkkhfjojgbaaedo\1.2.40_0\binaries |
| youtube-dl.exe |
| A0037476.exe |
| A0456501.exe |
|
26.0% |
|
|
8.4% |
|
|
5.3% |
|
|
5.3% |
|
|
4.6% |
|
|
4.6% |
|
|
3.8% |
|
|
3.1% |
|
|
3.1% |
|
|
3.1% |
|
|
2.3% |
|
|
2.3% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
| Windows 10 |
42.1% |
|
| Windows 7 |
34.6% |
|
| Windows 8.1 |
18.0% |
|
| Windows XP |
5.3% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00001500 |
| Name |
Size of data |
MD5 |
| .text |
35328 |
712377705f27c35af948a227fcceae2f |
| .data |
512 |
a9dfdda7affe10acefbd6b1d55f224b5 |
| .rdata |
16896 |
081171d481730eea2126fc5d1e07dfb6 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
3072 |
a12e23f7fac28fe2e79973a04a12424a |
| .CRT |
512 |
e5c153db5666b5ab215d5379515f28d3 |
| .tls |
512 |
a8c88ff12bf1bd64b0f22833d25e78d0 |
| .rsrc |
60416 |
4f5803a604e750af3b8a670a10efb1d9 |
