How to remove Embers-Win64-Shipping.exe
- File Details
- Overview
- Analysis
Embers-Win64-Shipping.exe
The module Embers-Win64-Shipping.exe has been detected as Adware.DealPly
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
4aeba71cd5d406974fde06e40cf4646f |
| Size: |
64 MB |
| First Published: |
2025-06-30 23:00:36 (10 months ago) |
| Latest Published: |
2026-04-04 23:01:27 (2 days ago) |
| Status: |
Adware.DealPly (on last analysis) |
|
| Analysis Date: |
2026-04-04 23:01:27 (2 days ago) |
| %programfiles%\embers\embers\binaries |
| %programfiles%\embers\embers\binaries |
| %programfiles%\embers\embers\binaries |
| %programfiles%\embers\embers\binaries |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
64 |
| Image Base: |
0x0000000140000000 |
| Entry Address: |
0x02c943a0 |
| Name |
Size of data |
MD5 |
| .text |
47272960 |
fc2d920fd59e05f46c86a7bfb2a7efa0 |
| .rdata |
12847616 |
f7a87e001c95634fb8be5d6b3567543c |
| .data |
3659776 |
5ab79b559a676f80499933a6e8317b83 |
| .pdata |
2469888 |
8f7a1907eb4d49f1cc749e42f663f3c3 |
| .msvcjmc |
512 |
393c810880d948e00f650d316a3604b7 |
| .rodata |
4608 |
c75e62a9f690525b8d2c659435d30db3 |
| _RDATA |
160768 |
0264602060c1015f8db119ae70d8ebb2 |
| .rsrc |
328192 |
8ebd88eb278ddcb15da60ea0eb4df16c |
| .reloc |
1013760 |
42fd850f97caf0e9765b219d139b2de8 |
