How to remove NuclearCoffeeRecoverPasswords.exe

» File
File Details
Overview
Analysis

NuclearCoffeeRecoverPasswords.exe

The module NuclearCoffeeRecoverPasswords.exe has been detected as Adware.OpenCandy

NuclearCoffeeRecoverPasswords.exe

Remove NuclearCoffeeRecover

File Details

Main Info:

Product Name:	Recover Passwords
Company Name:	Recover Passwords
MD5:	4dbae8d20fd2a1c6e75f90461d94bbb1
Size:	17 MB
First Published:	2020-12-22 05:27:47 (5 years ago)
Latest Published:	2025-07-16 23:00:52 (6 months ago)

Analysis:

Status:	Adware.OpenCandy (on last analysis)
Analysis Date:	2025-07-16 23:00:52 (6 months ago)

Overview

Digital Signature

Signed By:	ONE UP LTD.
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%desktop%\windows\files

%desktop%\outlook\dlc1\programs\windows\files

%sysdrive%\dlc boot\dlc 2022\dlc boot 2022 v4.1.220628\dlc1\programs\windows\files

%sysdrive%\setup\dlc boot 2023 v4.3\dlc1\programs\windows\files

%sysdrive%\install\dlc.boot.2019.3.6.build.190411\dlc.boot.2019.v3.6\dlc1\programs\windows\files

%profile%\downloads\compressed\dlcboot2022v4.1.220629\dlcboot2022v4.1.220629\dlc1\programs\windows\files

%sysdrive%\descargas\dlc.boot.2019.v3.6\dlc1\programs\windows\files

Geography:

	28.6%
	14.3%
	14.3%
	14.3%
	14.3%
	14.3%

OS Version:

Windows 10	85.7%
Windows 8.1	14.3%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00ac8b6c

PE Sections:

Name	Size of data	MD5
.text	11273728	d5378af017e4579b8024586f7132f1e6
.itext	28160	8df2edb0873ee0176ae5e7c9662b7914
.data	204288	d0c932af42ab21d9aa0c55412b2255ed
.bss	0	d41d8cd98f00b204e9800998ecf8427e
.idata	21504	c8db72986f243030db92a16b6a8241ce
.didata	2560	a6ccff7bc56312d5fa3309747a400ee6
.tls	0	d41d8cd98f00b204e9800998ecf8427e
.rdata	512	b5d87e16978692b084299d247a8e37c5
.reloc	1005568	682705eeee0efa221d84fcd4c7364836
.rsrc	5440512	018967bb739918833a838fbcba36c3d5

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for NuclearCoffeeRecoverPasswords.exe

copyright for information about NuclearCoffeeRecoverPasswords.exe