home

new-cheat-credits-wf.rar.exe

NOEKDEDOLISEOG

K.S.-GRUPP

The application new-cheat-credits-wf.rar.exe by K.S.-GRUPP has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
©Ycydypyut   (signed by K.S.-GRUPP)

Product:
NOEKDEDOLISEOG

Version:
2.4.9.4

MD5:
c2bb02335eef200dde6ee60c6623830f

SHA-1:
eb73cbb1556e210960568cf20c11bc2347fd3ddd

SHA-256:
4c9bdae77a2079e71285c29d9c32cb218b32d502a9c49d0da62494abbc09983b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/15/2024 10:25:57 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Bundler (M)
17.2.12.9

File size:
5.8 MB (6,031,976 bytes)

Product version:
2.4.9.4

Copyright:
©Ycydypyut

Original file name:
noekdedoliseog.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\new-cheat-credits-wf.rar.exe

Digital Signature
Signed by:
K.S.-GRUPP

Authority:
COMODO CA Limited

Valid from:
12/2/2016 2:00:00 AM

Valid to:
12/3/2017 1:59:59 AM

Subject:
CN=K.S.-GRUPP, OU=K.S.-GRUPP, O=K.S.-GRUPP, STREET=Bud 17 V Vul Dotsenka, L=Chernigiv, S=Ukraine, PostalCode=14032, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
5B5FA3D866750075EAEBBD10F74E4CFF

File PE Metadata
Compilation timestamp:
8/10/2013 7:32:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1DDC20

Entry point:
55, 8B, EC, 83, EC, 3C, A1, 28, AB, 9B, 00, 89, 45, E0, C7, 45, F4, 00, 00, 00, 00, C7, 45, FC, 51, 09, 00, 00, EB, 09, 8B, 4D, FC, 83, C1, 1E, 89, 4D, FC, 81, 7D, FC, AB, 09, 00, 00, 73, 0D, 0F, B7, 55, F8, 0B, 55, F8, 66, 89, 55, F0, EB, E1, 8B, 45, E4, 89, 45, DC, 81, 7D, DC, AB, 00, 00, 00, 77, 17, 81, 7D, DC, AB, 00, 00, 00, 74, 30, 83, 7D, DC, 18, 74, 3B, 83, 7D, DC, 58, 74, 16, EB, 4B, 81, 7D, DC, 0E, 01, 00, 00, 74, 21, 81, 7D, DC, 3F, 01, 00, 00, 74, 2D, EB, 37, 8B, 4D, D8, 03, 4D, D8, 0B, 4D, E8...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
1.9 MB (1,954,816 bytes)

Remove new-cheat-credits-wf.rar.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.