» freekeyloggerremovaltool.exe
Overview
Analysis
File Details
Programs (3)

freekeyloggerremovaltool.exe

Security Stronghold LLC

The application freekeyloggerremovaltool.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. Additionally, the file is typically installed by a number of programs including SVCCHOSTRemoval Tool by Security Stronghold and Snap Toolbar Removal Tool by Security Stronghold.

File name:

Publisher:

Security Stronghold LLC (signed and verified)

Version:

1.0.0.0

MD5:

dfbd6723b021473caab78ef03efbc3ca

SHA-1:

815af250de888b1eaa6f878e83a2046e70969d9a

SHA-256:

e32a72561ffea38a970f14a98d0031e45220d6b8ce950a2e6283218eb612a777

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

11/27/2024 6:29:35 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Win32.Generic

16.1.22.17

File size:

5.2 MB (5,429,176 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\free keylogger removal tool\freekeyloggerremovaltool.exe

Digital Signature

Signed by:

Security Stronghold LLC

Authority:

GlobalSign nv-sa

Valid from:

10/10/2011 6:49:57 AM

Valid to:

10/10/2012 6:49:57 AM

Subject:

E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, S=Astrakhan region, C=RU

Issuer:

CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:

112178C42A18008AB27616B3F5140692C337

File PE Metadata

Compilation timestamp:

8/17/2012 8:32:47 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

49152:7jNTsIxbWSJpqpllEHhbj/1jfyU0d0NXM7bMEcAA4CqnEv4T1BbQoklhpbLaddxu:7jJsueQ1/0P7bMEcAA4Cqnx+9iyZ

Entry address:

0x396BD4

Entry point:

55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, B8, 6C, 69, 78, 00, E8, 0C, 53, C7, FF, 8B, 35, 78, BA, 7C, 00, 33, C0, 55, 68, EA, 6D, 79, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E4, 33, C0, E8, 5E, DF, C6, FF, 8B, 45, E4, 8D, 55, E8, E8, 5B, CC, C8, FF, 8B, 45, E8, 8D, 4D, EC, 33, D2, E8, 5A, CA, C8, FF, 8B, 55, EC, 8B, C6, E8, DC, 10, C7, FF, BB, 02, 00, 00, 00, 8D, 45, DC, 8B, 16, 0F, B7, 54, 5A, FC, E8, 20, 1C, C7, FF, 8B, 45, DC, 8D, 55, E0, E8, 01, AC, C8, FF, 8B, 45, E0, 50, 8D... 
[+]

Entropy:

6.7791

Developed / compiled with:

Microsoft Visual C++

Code size:

3.6 MB (3,756,544 bytes)

The file freekeyloggerremovaltool.exe has been discovered within the following programs.

FBIMoneypak Removal Tool by Security Stronghold

Publisher's description - “FBI Moneypak copies its file(s) to your hard disk. Its typical file name is (*.*). Then it creates new startup key with name FBI Moneypak and value (*.*). You can also find it in your processes list with name (*.*) or FBI Moneypak.”

www.securitystronghold.com/gates/remove-fbi-moneypak.html

64% remove it

Snap Toolbar Removal Tool by Security Stronghold

During installation, the Security Stronghold Removal Tool utility will provide various bundled applications including RegClean Pro registry cleaner. It will then download utilities from its server and scan the user's PC.

www.SecurityStronghold.com

58% remove it

SVCCHOSTRemoval Tool by Security Stronghold

53% remove it

Remove freekeyloggerremovaltool.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.