How to remove NuclearCoffeeRecoverPasswords.exe
- File Details
- Overview
- Analysis
NuclearCoffeeRecoverPasswords.exe
The module NuclearCoffeeRecoverPasswords.exe has been detected as Adware.OpenCandy
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
4dbae8d20fd2a1c6e75f90461d94bbb1 |
| Size: |
17 MB |
| First Published: |
2020-12-22 05:27:47 (4 years ago) |
| Latest Published: |
2025-01-24 23:01:50 (5 months ago) |
| Status: |
Adware.OpenCandy (on last analysis) |
|
| Analysis Date: |
2025-01-24 23:01:50 (5 months ago) |
Overview
| Signed By: |
ONE UP LTD. |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %desktop%\windows\files |
| %desktop%\outlook\dlc1\programs\windows\files |
| %sysdrive%\dlc boot\dlc 2022\dlc boot 2022 v4.1.220628\dlc1\programs\windows\files |
| %sysdrive%\setup\dlc boot 2023 v4.3\dlc1\programs\windows\files |
| %sysdrive%\install\dlc.boot.2019.3.6.build.190411\dlc.boot.2019.v3.6\dlc1\programs\windows\files |
| %profile%\downloads\compressed\dlcboot2022v4.1.220629\dlcboot2022v4.1.220629\dlc1\programs\windows\files |
|
33.3% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
| Windows 10 |
83.3% |
|
| Windows 8.1 |
16.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00ac8b6c |
| Name |
Size of data |
MD5 |
| .text |
11273728 |
d5378af017e4579b8024586f7132f1e6 |
| .itext |
28160 |
8df2edb0873ee0176ae5e7c9662b7914 |
| .data |
204288 |
d0c932af42ab21d9aa0c55412b2255ed |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
21504 |
c8db72986f243030db92a16b6a8241ce |
| .didata |
2560 |
a6ccff7bc56312d5fa3309747a400ee6 |
| .tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .rdata |
512 |
b5d87e16978692b084299d247a8e37c5 |
| .reloc |
1005568 |
682705eeee0efa221d84fcd4c7364836 |
| .rsrc |
5440512 |
018967bb739918833a838fbcba36c3d5 |
