How to remove RogueKillerCMD.exe
- File Details
- Overview
- Analysis
RogueKillerCMD.exe
The module RogueKillerCMD.exe has been detected as Trojan.Packed
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
a895fe4918d87443563f4efd65c19cc8 |
| Size: |
6 MB |
| First Published: |
2018-07-22 13:08:56 (6 years ago) |
| Latest Published: |
2020-09-17 17:58:02 (4 years ago) |
| Status: |
Trojan.Packed (on last analysis) |
|
| Analysis Date: |
2020-09-17 17:58:02 (4 years ago) |
| %sysdrive%\roguekiller.12.12.27.0.rar\roguekiller.12.12.27.0.karanpc\fix |
| %desktop%\rogue killer\roguekiller.12.12.27.0.karanpc\fix |
| %desktop%\rogue killer\roguekiller.12.12.27.0.rar\roguekiller.12.12.27.0.karanpc\fix |
| %profile%\downloads\compressed\roguekiller.12.12.27.0.rar\roguekiller.12.12.27.0.karanpc\fix |
| %profile%\downloads\compressed\roguekiller.premium.full.crack.12.12.27.pefelie.org\roguekiller.premium.full.crack.12.12.27\crack |
| %profile%\downloads\compressed\roguekiller.premium.full.crack.12.12.27.pefelie.org\roguekiller.premium.full.crack.12.12.27\roguekiller.crack\crack |
| %profile%\downloads\compressed\برنامج إزالة الفيروسات والملفات الخبيثة\farescd.com.rog.12.12.27.0 |
| %commonappdata%\martau\total uninstall 6\backup\roguekiller.12.12.27.0-rsload.net-.analyzed.zip\c:\temp\rar$exa0.671 |
| %sysdrive%\!setup\карантин\попк\криптография\portable сканеры\roguekiller 12.12.27.0 + x64\roguekiller.12.12.27.0-rsload.net-.rar |
| %sysdrive%\!setup\gold\roguekiller.12.12.27.0-rsload.net-.analyzed.zip\c:\temp\rar$exa0.671 |
|
32.0% |
|
|
20.0% |
|
|
20.0% |
|
|
8.0% |
|
|
8.0% |
|
|
4.0% |
|
|
4.0% |
|
|
4.0% |
|
| Windows 7 |
76.0% |
|
| Windows 10 |
24.0% |
|
Analysis
| Subsystem: |
Windows CUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0003e9a5 |
| Name |
Size of data |
MD5 |
|
1540608 |
25a58e5b461d2d12749cc326ed90369b |
|
287744 |
bbb429c1fea5af99514de2ab5090bf6e |
|
39936 |
21c0a0fb37fafcd355f180129139e1f8 |
|
3798528 |
eb6e38bc2cfc44cefef8b633aab587fe |
|
0 |
00000000000000000000000000000000 |
| .rsrc |
96256 |
b726fbeb99c07972b841def1e06d50f1 |
|
178688 |
a4dbe6f78828dac0e9e6d726f7a65b1c |
| .data |
986112 |
ea3bd7c5e1aedaab7bcdbff8915cafff |
