home

getdata.exe

Kometa history utility

Kometa LLC

The application getdata.exe by Kometa has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
NetBox  (signed by Kometa LLC)

Product:
Kometa history utility

Version:
1.0.0.140

MD5:
0eb49fb9b8add9f3fb8df6276f54c226

SHA-1:
83b65c5f1a7258d820e3c0a6627e894aca21ea37

SHA-256:
b19274dd8668d78b7f3b5be45d7a97a3fd437e9ca552f79fbf763cfe1f84801f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 2:27:55 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
17.3.11.15

File size:
2.4 MB (2,497,632 bytes)

Product version:
1.0.0.140

Copyright:
Copyright NetBox(C) 2014

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\kometa\panel\1.0.0.775\getdata.exe

Digital Signature
Signed by:
Kometa LLC

Authority:
COMODO CA Limited

Valid from:
4/6/2015 4:00:00 AM

Valid to:
4/6/2018 3:59:59 AM

Subject:
CN=Kometa LLC, O=Kometa LLC, STREET="kv.93,k.1, 41 Chertanovskaya ul.", L=Moscow, S=Moscow, PostalCode=117519, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
650A6B1174650A2E197862FE54E2519D

File PE Metadata
Compilation timestamp:
6/24/2015 8:33:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

Entry address:
0x17F9E7

Entry point:
E8, CB, E7, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 83, 65, E0, 00, 57, 6A, 07, 59, 33, C0, 8D, 7D, E4, F3, AB, 5F, 85, F6, 75, 15, E8, 3A, FA, FF, FF, C7, 00, 16, 00, 00, 00, E8, B6, 79, 00, 00, 83, C8, FF, C9, C3, 39, 45, 0C, 74, E6, 56, E8, 93, 0A, 00, 00, 59, B9, FF, FF, FF, 7F, C7, 45, EC, 49, 00, 00, 00, 89, 75, E8, 89, 75, E0, 89, 4D, E4, 3B, C1, 77, 03, 89, 45, E4, FF, 75, 14, 8D, 45, E0, FF, 75, 10, FF, 75, 0C, 50, FF, 55, 08, 83, C4, 10, C9, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75...
 
[+]

Code size:
1.8 MB (1,905,152 bytes)

Remove getdata.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.