home

ddr-android-data-recovery.exe

DDR - Android Recovery(Demo)

Pro Data Doctor Pvt. Ltd.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.recoverybull.com.
Publisher:
Pro Data Doctor Pvt. Ltd.

Product:
DDR - Android Recovery(Demo)

Version:
5.6.1.3

MD5:
ff7b87be412dcc1e93b269364647fec2

SHA-1:
74d4b5301a8689238bbd8011522217a548dab3e8

SHA-256:
1988ceb1c64fd8e46a3d1efc77afb026c405e219f40bb2d21d4e03dbf82cded2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 8:46:35 PM UTC  (today)

File size:
2.3 MB (2,389,192 bytes)

Product version:
5.6.1.3

Copyright:
Copyright © 2005-2015 Pro Data Doctor Pvt. Ltd.

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\ddr-android-data-recovery.exe

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:49R+QkiwLdsyHoT96RsGr21KOHEkXXT/8ytuFn54MwthogglTUKqAao:y0iwLdsF6RvrzmEKjQFnmMXZ5zqAP

Entry address:
0xA5F8

Entry point:
FF, C3, 89, C8, 81, FA, EA, 4B, 00, 00, 74, 04, F6, D0, FE, C4, F7, C3, 83, F9, A6, 0E, 0F, CD, 89, D8, 88, F0, 0F, C9, 70, 04, 8A, DB, 0F, CE, 86, DD, 8D, 15, B6, 0B, 00, 00, C6, C4, 2B, 81, F2, B6, 0B, 00, 00, 84, D3, 81, CA, 45, 08, 00, 00, 73, 04, 8A, CF, FE, C8, 81, EA, 03, 01, 00, 00, B4, AA, 81, FA, 1B, E0, 00, 00, 77, 0B, 1D, 4D, A7, 01, D5, 8D, 35, 8F, 89, D1, C5, 81, EA, 01, 00, 00, 00, 0F, AF, F7, 88, D3, 0F, B6, F6, 3B, F7, 76, 0C, FF, CD, 8D, 35, A7, 1C, 41, 25, 89, C1, 86, C7, 81, FA, 3C, 02...
 
[+]

Code size:
39.5 KB (40,448 bytes)

The file ddr-android-data-recovery.exe has been seen being distributed by the following URL.

http://www.recoverybull.com/.../ddr-android-data-recovery.exe

Scan ddr-android-data-recovery.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.