b1acf75ec617f4000e3331c0cddb6c269d213553

Adware Removal Tool by TSA

Pawan Kumar

It is installed within the Mozilla Firefox web browser as part of an addin/plugin.
Publisher:
Pawan Kumar  (signed and verified)

Product:
Adware Removal Tool by TSA

Version:
5.1

MD5:
bb31ccf4369f3dc766393df4ae3a25a4

SHA-1:
01e44cb32349a5abfef018c95dc3b6123647cbb9

SHA-256:
0f8d912535f2fbf6fd7adecf68a84c680bfa20e5de0b49072881593e1f2ec030

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 10:37:59 AM UTC  (today)

File size:
735 KB (752,683 bytes)

Product version:
5.1

Copyright:
Copyright © 2015

Original file name:
Adware Removal Tool by TSA.exe

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\mozilla\firefox\profiles\{user}.default\cache2\entries\b1acf75ec617f4000e3331c0cddb6c269d213553

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
10/29/2014 12:00:00 AM

Valid to:
10/28/2016 11:59:59 PM

Subject:
CN=Pawan Kumar, OU=Software Development, O=Pawan Kumar, STREET=H NO 453/19 kailash Colony, STREET=Shanti vihar Near ITI Sonipat, L=Sonipat, S=Haryana, PostalCode=131001, C=IN

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
317DD1C55F51AC2756D9C93C060C6FA5

File PE Metadata
Compilation timestamp:
3/31/2016 3:38:50 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:TLVaA/0rLVz0gQAHoLV4IDABaF56+Aq4WBTWpSqXhpeEioU2UsEyClfl9teBj8/H:wCUUo+ONXiEiJ2IFlqMVj

Entry address:
0xAEBCE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 32, F7, FC, 56, 00, 00, 00, 00, 02, 00, 00, 00, A8, 00, 00, 00, 1C, 00, 0B, 00, 1C, D0, 0A, 00, 52, 53, 44, 53, 37, 7B, 45, 83, E6, 1D, 46, 44, 96, FF, 3C, DB, 5D, 54, 64, 2E, 01, 00, 00, 00, 43, 3A, 5C, 55, 73, 65, 72, 73, 5C, 55, 73, 65, 72, 5C, 44, 6F, 63, 75, 6D, 65, 6E, 74, 73, 5C, 56, 69...
 
[+]

Entropy:
6.1943

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
691 KB (707,584 bytes)

Scan b1acf75ec617f4000e3331c0cddb6c269d213553 - Powered by Reason Core Security