» 5yh4mut6.exe
Overview
Analysis
File Details
Downloads (3)

5yh4mut6.exe

oTweak Software LLC

The file 5yh4mut6.exe by oTweak Software has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from downloads.xpccare.com and multiple other hosts.

File name:

5yh4mut6.exe

Publisher:

oTweak Software LLC (signed and verified)

MD5:

fafb8caaa96b65e98ff1ebf3e23782c3

SHA-1:

4515a0ada3ac997fac56ea2d0523c73e47a61d42

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/15/2024 11:49:32 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.oTweak.Optional.Meta (L)

16.2.26.21

File size:

2.6 MB (2,721,224 bytes)

Common path:

C:\users\{user}\appdata\local\temp\5yh4mut6.exe.part

Digital Signature

Signed by:

oTweak Software LLC

Authority:

thawte, Inc.

Valid from:

3/4/2015 5:00:00 PM

Valid to:

3/4/2017 4:59:59 PM

Subject:

CN=oTweak Software LLC, O=oTweak Software LLC, L=Rostov-Na-Donu, S=Rostovskaya obl., C=RU

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

1BA315B89D1AF7C2CB153F29392B2B78

The file 5yh4mut6.exe has been seen being distributed by the following 3 URLs.

http://downloads.xpccare.com/rcp/.../RegistryCleanerPro.exe

http://www.xpccare.com/?landredir=1&aff=dlldll&subtrn=&prod=rcp&u=http://downloads.xpccare.com/rcp/.../RegistryCleanerPro.exe

http://downloads.otweak.com/rcp/.../RegistryCleanerPro.exe

Remove 5yh4mut6.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.