How to remove CardRecovery.exe
- File Details
- Overview
- Analysis
CardRecovery.exe
The module CardRecovery.exe has been detected as Trojan.Agent
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
50d9e5225cbfad138061f51a6773527b |
| Size: |
704 KB |
| First Published: |
2017-06-06 15:10:19 (8 years ago) |
| Latest Published: |
2022-06-21 23:16:29 (3 years ago) |
| Status: |
Trojan.Agent (on last analysis) |
|
| Analysis Date: |
2022-06-21 23:16:29 (3 years ago) |
| %programfiles%\cardrecovery |
| %profile% |
| %desktop%\بـــرامج\card recovery 6.10 build 1210\crack |
| %desktop%\cardrecovery 6.10 build 1210[winkabarkyaw.blogspot.com]l\crack |
| %programfiles% |
| %profile%\downloads\cardrecovery прога для восстановления с sd card\cardrecovery прога для восстановления с sd card |
| %desktop% |
| %sysdrive%\!install |
| %profile%\dropbox\programs\recovery\card recovery 6.10 build 1210 + crack - {cyclonoid}.rar\card recovery 6.10 build 1210 + crack - {cyclonoid} |
| %profile%\dropbox\programs\recovery\card recovery 6.10 build 1210 + crack - {cyclonoid} |
|
21.5% |
|
|
7.7% |
|
|
6.2% |
|
|
6.2% |
|
|
4.6% |
|
|
4.6% |
|
|
4.6% |
|
|
4.6% |
|
|
3.1% |
|
|
3.1% |
|
|
3.1% |
|
|
3.1% |
|
|
3.1% |
|
|
3.1% |
|
|
3.1% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
| Windows 7 |
61.8% |
|
| Windows 10 |
30.9% |
|
| Windows 8 |
2.9% |
|
| Windows XP |
2.9% |
|
| Windows 8.1 |
1.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x002e3135 |
| Name |
Size of data |
MD5 |
| .text |
0 |
00000000000000000000000000000000 |
| .itext |
0 |
00000000000000000000000000000000 |
| .data |
0 |
00000000000000000000000000000000 |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
0 |
00000000000000000000000000000000 |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
0 |
00000000000000000000000000000000 |
| cohxtewn |
0 |
00000000000000000000000000000000 |
| .rsrc |
104960 |
d4bd9c52f746cf6f9b89b5fcc837e27e |
| p.715kfm |
610872 |
c01732710971876291010fba450d40e4 |
| pmnp167k |
4096 |
7844f458c62edde2cdf17d54550b2857 |
