fimxkwxvvroi.exe

Attach Extended

PROFI-SOFT

The executable fimxkwxvvroi.exe, “Attach Extended OllyDbg Plugin”, has been detected as malware by 1 anti-virus scanner.
Publisher:
PROFI-SOFT  (signed and verified)

Product:
Attach Extended

Description:
Attach Extended OllyDbg Plugin

Version:
1, 0, 0, 1

MD5:
048bfaf3da5fa5476471903a93b5f724

SHA-1:
5dd751595ec88c63dde9b5597bb71615271071da

SHA-256:
bdf71a31253e5407fc7a6d7dfce0c1d2ab7045dc8e788b6e1fd6a6bc9df7c4b4

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/30/2024 10:19:17 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.3.2.5

File size:
956.5 KB (979,464 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2009

Original file name:
AttachEx.dll

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\fimxkwxvvroi.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
9/4/2015 3:00:00 AM

Valid to:
9/4/2016 2:59:59 AM

Subject:
CN="""PROFI-SOFT"", OOO", O="""PROFI-SOFT"", OOO", STREET="Prospekt Piskarevsky, 10", L=Saint-Petersburg, S=Saint-Petersburg, PostalCode=195221, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008B0D4FAA82D8B1952898AE54373F0012

File PE Metadata
Compilation timestamp:
4/21/2015 12:23:12 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x8BC04

Entry point:
52, 51, 89, FF, 75, 02, 37, 90, 01, FE, E8, C5, 61, F7, FF, 4E, 90, 58, 59, EB, 08, 90, 12, 77, 04, FC, 90, FC, 90, 68, 7C, BC, 48, 00, E9, 03, E0, 00, 00, FE, 05, 4C, 36, 49, 00, F8, 3B, CF, 80, 3D, 4C, 36, 49, 00, 07, E9, 7C, E7, FF, FF, 66, 85, E2, F9, 89, 3D, 5F, 10, 49, 00, E9, D0, DD, FF, FF, 0F, 85, 28, E2, FF, FF, 8B, 45, F8, 66, F7, C1, 9D, 30, 03, 45, F0, 83, C0, 04, 81, 38, EC, 56, 57, BF, E9, FB, DD, 00, 00, 8B, 00, E9, 1D, E6, 00, 00, E1, E8, 8D, 53, F7, FF, C3, 89, 7C, 24, F0, E9, 34, E9, FF...

Code size:
580.5 KB (594,432 bytes)
