How to remove offer_downloader.exe

» File
File Details
Overview
Analysis

offer_downloader.exe

The module offer_downloader.exe has been detected as Adware.Downloader

offer_downloader.exe

Remove offer_downloader.exe

File Details

Main Info:

MD5:	9b391bceab0c923b8e7aff136baf96e6
Size:	68 KB
First Published:	2017-05-30 09:10:38 (6 years ago)
Latest Published:	2021-01-13 18:13:36 (3 years ago)

Analysis:

Status:	Adware.Downloader (on last analysis)
Analysis Date:	2021-01-13 18:13:36 (3 years ago)

Overview

Digital Signature

Signed By:	Sevas-S LLC
Status:	Valid

Common Places:

%appdata%\rmi

%appdata%

%sysdrive%\dari comp\old\documents and settings\winxp\application data

%sysdrive%\windows.old\users\kinayomi\appdata\roaming

%profile%\tkdsrvadm\application data

%appdata%

%appdata%

%appdata%

%appdata%

%sysdrive%\windows.old\users\trang\appdata\roaming

Geography:

	30.5%
	12.6%
	12.6%
	10.5%
	8.4%
	4.2%
	3.2%
	3.2%
	3.2%
	2.1%
	2.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%

OS Version:

Windows 7	72.6%
Windows 10	17.9%
Windows 8.1	5.3%
Windows 8	2.1%
Windows Server 2003	2.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000031b1

PE Sections:

Name	Size of data	MD5
.text	24064	640f1440aec15eaeef7a12da432bc867
.rdata	5120	95b6fafbc2cf4805e2c3d3ab85509205
.data	1536	21d4aafc63284c2e87945dd48ccd7174
.ndata	0	00000000000000000000000000000000
.rsrc	16896	c9c9cb12efb2758652ee2b5f344d9390

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for offer_downloader.exe

copyright for information about offer_downloader.exe