hackotbatkiv0.1(rango-hack).exe

KORDEN

The application hackotbatkiv0.1(rango-hack).exe by KORDEN has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
KORDEN (signed and verified)

MD5:
5d6e0b7f797931c1ecf65978d42f9d92

SHA-1:
2dea378b73efbab1c351327bc40e626312a979a0

SHA-256:
6a999cf796dc31da0fb3a77c05a08d5f8cb8226d83dfa1da3d68f5339e329df1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 11:17:40 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FileTour (M)

Engine version:
17.3.14.14

File size:
2.7 MB (2,783,152 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\hackotbatkiv0.1(rango-hack).exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/10/2016 3:00:00 AM

Valid to:
6/11/2017 2:59:59 AM

Subject:
CN=KORDEN, O=KORDEN, STREET="Suvorova, 121, 2", L=Kaluga, S=RU, PostalCode=248001, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5155537C8008D971F70742D18711BCB3

File PE Metadata
Compilation timestamp:
8/28/2011 1:04:02 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x77B8CC

Entry point:
E9, 31, E7, FF, FF, E9, 2C, E7, FF, FF, E9, 27, E7, FF, FF, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, B5, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, FC, 33, D2, 64, 8B, 52, 30, 8B, 52, 0C, 8B, 52, 14, 8B, 72, 28, 6A, 18, 59, 33, FF, 33, C0, AC, 3C, 61, 7C, 02, 2C, 20, C1, CF, 0D, 03...
 

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
2.5 MB (2,645,504 bytes)
