How to remove RecoverKeys.exe
- File Details
- Overview
- Analysis
RecoverKeys.exe
The module RecoverKeys.exe has been detected as Trojan.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
d5fb4954e479ba1c5a907d939e346530 |
| Size: |
16 MB |
| First Published: |
2022-11-02 23:33:17 (3 years ago) |
| Latest Published: |
2025-01-24 23:01:51 (10 months ago) |
| Status: |
Trojan.Downloader (on last analysis) |
|
| Analysis Date: |
2025-01-24 23:01:51 (10 months ago) |
| %sysdrive%\dlc boot\dlc 2022\dlc boot 2022 v4.1.220628\dlc1\programs\windows\files\nuclearcoffeerecoverkeys.7z\app |
| %profile%\downloads\compressed\dlcboot2022v4.1.220629\dlcboot2022v4.1.220629\dlc1\programs\windows\files\nuclearcoffeerecoverkeys.7z\app |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x021f5bff |
| Name |
Size of data |
MD5 |
| .text |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .itext |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .data |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .didata |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .rdata |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .vmp0 |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .vmp1 |
16710144 |
038deade33c191da7b0ba8b9a715fb65 |
| .rsrc |
291328 |
aa2b19194dd12d0c06c1db6a4ad3f77e |
