How to remove chromepass.exe
- File Details
- Overview
- Analysis
chromepass.exe
The module chromepass.exe has been detected as Virtool.ChromePass
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
36e91497fee355a45a5cb23a5ea91139 |
| Size: |
232 KB |
| First Published: |
2018-02-20 00:07:48 (7 years ago) |
| Latest Published: |
2024-11-06 23:06:55 (9 months ago) |
| Status: |
Virtool.ChromePass (on last analysis) |
|
| Analysis Date: |
2024-11-06 23:06:55 (9 months ago) |
Overview
| Signed By: |
Nir Sofer |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %sysdrive%\160gb download backup\pc rescue tools |
| %profile%\downloads |
| %profile%\downloads\nirsoft_package_enc_1.20.32 |
| %sysdrive%\$recycle.bin\s-1-5-21-125068861-941595446-4039503032-1000\$rsoqcq8.28 |
| %desktop% |
| %sysdrive%\!portable apps\virus killers removers and cleaners\windows repair toolbox\windows_repair_toolbox\downloads\nirlauncher |
| %sysdrive%\!portable apps\windows repair toolbox\windows_repair_toolbox\downloads\nirlauncher |
| %profile%\downloads\nirsoft_package_enc_1.20.35 |
| %sysdrive%\windows_repair_toolbox\downloads\nirlauncher |
| %profile%\downloads\nirsoft_package_enc_1.20.29 |
| ChromePass.exe |
| chromepass.exe |
| ahma0d.exe |
| pass.exe |
| $RFMMKDE.exe |
| cp.exe |
| United States |
13.0% |
|
| Russia |
10.0% |
|
| United Kingdom |
5.4% |
|
| Spain |
4.2% |
|
| Canada |
4.2% |
|
| Portugal |
4.2% |
|
| Italy |
3.8% |
|
| Iran |
3.8% |
|
| Egypt |
3.8% |
|
| Germany |
3.3% |
|
| Ukraine |
3.3% |
|
| Turkey |
2.9% |
|
| France |
2.9% |
|
| Tunisia |
2.5% |
|
| Netherlands |
2.5% |
|
| Thailand |
2.1% |
|
| Poland |
1.7% |
|
| United Arab Emirates |
1.7% |
|
| Algeria |
1.7% |
|
| Pakistan |
1.7% |
|
| Australia |
1.3% |
|
| Morocco |
1.3% |
|
| Colombia |
1.3% |
|
| Peru |
1.3% |
|
| Qatar |
1.3% |
|
| South Korea |
1.3% |
|
| Kyrgyzstan |
0.8% |
|
| Bulgaria |
0.8% |
|
| Ireland |
0.8% |
|
| Hungary |
0.8% |
|
| Romania |
0.8% |
|
| Saudi Arabia |
0.8% |
|
| Croatia |
0.8% |
|
| Serbia |
0.8% |
|
| Belgium |
0.8% |
|
| Greece |
0.4% |
|
| Bangladesh |
0.4% |
|
| Japan |
0.4% |
|
| Austria |
0.4% |
|
| Czech Republic |
0.4% |
|
| Armenia |
0.4% |
|
| Switzerland |
0.4% |
|
| China |
0.4% |
|
| Taiwan |
0.4% |
|
| Slovakia |
0.4% |
|
| Nepal |
0.4% |
|
| Slovenia |
0.4% |
|
| Israel |
0.4% |
|
| Belarus |
0.4% |
|
| Mexico |
0.4% |
|
| Windows 10 |
62.8% |
|
| Windows 7 |
27.3% |
|
| Windows 8.1 |
8.3% |
|
| Windows Server 2016 |
0.8% |
|
| Windows Server 2003 |
0.4% |
|
| Windows XP |
0.4% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0002bd60 |
| Name |
Size of data |
MD5 |
| .text |
177664 |
fe453dea4de4a0195e1c08ae5b397c46 |
| .rdata |
30208 |
ab295b49d94cd9e49aa61ea3ac59b3cc |
| .data |
3584 |
c0937ab723610f7c07013ef7eb1d7d58 |
| .rsrc |
13312 |
f47ebaa72e90a7e01aa7f716e25ef17c |
