How to remove orbitdm.exe
- File Details
- Overview
- Analysis
orbitdm.exe
The module orbitdm.exe has been detected as Risk.Downloader
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
14be01db34df696adfb263805437fa60 |
| Size: |
2 MB |
| First Published: |
2017-06-06 19:05:45 (7 years ago) |
| Latest Published: |
2019-03-26 15:14:46 (5 years ago) |
| Status: |
Risk.Downloader (on last analysis) |
|
| Analysis Date: |
2019-03-26 15:14:46 (5 years ago) |
Overview
| Signed By: |
KORAM GAMES LIMITED |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %desktop%\orbitdownloaderportable_4.1.1.18_ml.7z\orbitdownloaderportable_4.1.1.18_ml\app\orbitdownloader |
| %sysdrive%\downloads\programs\orbit downloader v4.1.1.18 final ml_rus\orbit downloader v4.1.1.18 portable.exe\orbit downloader v4.1.1.18 portable\app |
| %sysdrive%\programs\orbit downloader v4.1.1.18 final ml_rus\orbit downloader v4.1.1.18 portable.exe\orbit downloader v4.1.1.18 portable\app |
| %programfiles% |
| %temp%\rar$exa9304.42043\orbit\app\local\modified\@programfilesx86@ |
| %temp%\rar$exa9996.30033\orbit\app\local\modified\@programfilesx86@ |
| %sysdrive%\bloc note bureau\dossiers @amp; documents bureau\download\replaytv_pack_12.zip\replaytv_pack_12 |
| %sysdrive%\contenu\logiciels\pack de download\replaytv_pack_12.zip\replaytv_pack_12 |
| %sysdrive%\contenu\logiciels\replaytv_pack_12 |
| %mydoc%\doc & music\doc perso\replaytv_pack_12.zip\replaytv_pack_12 |
|
26.7% |
|
|
26.7% |
|
|
13.3% |
|
|
13.3% |
|
|
6.7% |
|
|
6.7% |
|
|
6.7% |
|
| Windows 7 |
66.7% |
|
| Windows 10 |
33.3% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0015f4e8 |
| Name |
Size of data |
MD5 |
| .text |
1499136 |
3d1b48aed33dc4c754e652316ed7d14a |
| .rdata |
122880 |
c181fcada50b1f75ee0736ea6921ed15 |
| .data |
49152 |
88b39e4b17e404143a09e0384b0a3550 |
| .rsrc |
995328 |
4a26c00aa73ac7273ab1cac04480514a |
