How to remove A0037579.dll
- File Details
- Overview
- Analysis
A0037579.dll
The module A0037579.dll has been detected as Adware.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
b0f93c86a5b2ca4d11c480a46e4b4da7 |
| Size: |
441 KB |
| First Published: |
2017-05-25 09:04:27 (7 years ago) |
| Latest Published: |
2019-06-23 20:45:43 (5 years ago) |
| Status: |
Adware.Downloader (on last analysis) |
|
| Analysis Date: |
2019-06-23 20:45:43 (5 years ago) |
Overview
| %localappdata%\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_0\binaries\win\plugins\codec |
| %profile%\bd\local settings\application data\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_0\binaries\win\plugins\codec |
| %profile%\annan6\local settings\application data\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_0\binaries\win\plugins\codec |
| %sysdrive%\system volume information\_restore{707e28ae-030b-44df-b89d-07076ebdcb41}\rp269 |
| %localappdata%\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_0\binaries\win\plugins |
| %sysdrive%\system volume information\_restore{c52b72cc-fd71-4681-b415-f03a3112c2d4} |
| %localappdata%\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_1\binaries\win\plugins |
| %profile%\enatual\local settings\application data\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_1\binaries\win\plugins |
| %profile%\ous\local settings\application data\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_0\binaries\win\plugins |
| %sysdrive%\windows.old\users\samuel\appdata\local\catalinagroup\citrio\user data\default\extensions\hjinflocgjpjihbgdlipilmjlbkjkmak\0.6.6_0\binaries\win\plugins |
| libflac_plugin.dll |
| A0037579.dll |
| A0456604.dll |
|
30.8% |
|
|
6.5% |
|
|
5.6% |
|
|
4.7% |
|
|
4.7% |
|
|
4.7% |
|
|
3.7% |
|
|
3.7% |
|
|
3.7% |
|
|
2.8% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
1.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
|
0.9% |
|
| Windows 10 |
40.7% |
|
| Windows 7 |
30.6% |
|
| Windows 8.1 |
22.2% |
|
| Windows XP |
6.5% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x62980000 |
| Entry Address: |
0x00001410 |
| Name |
Size of data |
MD5 |
| .text |
417792 |
e7383188d0eee424bb7a2e50d2b504df |
| .data |
512 |
1f30f88ffe233aade01e1fe2087fd20a |
| .rdata |
17408 |
22a6d28c14ccfd13c039193e7c6c0720 |
| .bss |
0 |
00000000000000000000000000000000 |
| .edata |
512 |
da06363403d272798daddad8a36c8220 |
| .idata |
3072 |
7234f20eb843e2131803642bbbb3544e |
| .CRT |
512 |
0a345b0c54b60454f2afdb99c57f64fb |
| .tls |
512 |
5794802736ce3bc1ce3216ef340e80d9 |
| .rsrc |
1024 |
2bdcd4232c27aad392b753f7155ce505 |
| .reloc |
5632 |
632499bce86e29b0f04c0fc33ea38a74 |
| /4 |
512 |
7ee3e449ff9d3c3b1c21b0a5bfc76b4a |
