» Coolverter.exe
Overview
Analysis
File Details

Coolverter.exe

Coolverter

ITVA OOO

The application Coolverter.exe by ITVA OOO has been detected as a potentially unwanted program by 3 anti-malware scanners.

File name:

Coolverter.exe

Publisher:

iTVA LLC www.itva.ru (signed by ITVA OOO)

Product:

Coolverter

Version:

2.2.0.3

MD5:

f6cda1de8d252e40ace95b4c49b9b893

SHA-1:

11de2bf036b5326320673283381b985904cb5f83

SHA-256:

a70268c69597bdfd191d835f4b7748bfb834667e6e17ddcd240177fc39269197

Scanner detections:

3 / 68

Status:

Potentially unwanted

Analysis date:

11/26/2024 1:27:16 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAdware

1.3.0.7062

Dr.Web

Adware.Downware.11301

9.0.1.0243

Reason Heuristics

PUP.iTVA.iTVAwwwitvaru (M)

15.8.31.21

File size:

35 MB (36,714,152 bytes)

Product version:

2.2

Coolverter, iTVA LLC

Trademarks:

Original file name:

Coolverter.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\coolverter\coolverter.exe

Digital Signature

Signed by:

ITVA OOO

Authority:

COMODO CA Limited

Valid from:

4/17/2015 3:00:00 AM

Valid to:

4/17/2016 2:59:59 AM

Subject:

CN=ITVA OOO, O=ITVA OOO, STREET=18 Koryakova ul, L=Saint-Petersburg, S=RU, PostalCode=194356, C=RU

Issuer:

CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

7F3EBBC3A0970348263AADDFFB39E887

File PE Metadata

Compilation timestamp:

4/28/2015 3:10:55 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

786432:Q4RRaAOm7U2k8Ua4fl0Ni7oLlAFgkNi1wZnAWf0HOq:Q4RoAOm7U2ko4d0NiWHOq

Entry address:

0x82A43C

Entry point:

55, 8B, EC, 83, C4, F0, 53, B8, D8, D2, C1, 00, E8, EF, 4E, 7E, FF, 8B, 1D, 20, 3C, C3, 00, 8B, 03, E8, 8A, BA, DD, FF, 8B, 03, 8B, 15, 54, 7D, AC, 00, 89, 50, 3C, C7, 40, 38, 44, 82, AC, 00, 8B, 0D, 68, 36, C3, 00, 8B, 03, 8B, 15, 4C, 50, C0, 00, E8, FD, 73, DD, FF, 8B, 0D, A4, 39, C3, 00, 8B, 03, 8B, 15, 08, CB, BC, 00, E8, EA, 73, DD, FF, 8B, 0D, F8, 35, C3, 00, 8B, 03, 8B, 15, 74, C1, C1, 00, E8, D7, 73, DD, FF, 8B, 03, E8, 44, B8, DD, FF, A1, F8, 35, C3, 00, 8B, 00, 8B, 80, 48, 02, 00, 00, 85, C0, 74... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

8.2 MB (8,558,080 bytes)

Remove Coolverter.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.