home

oneclickroot.exe

One Click Root

This is a setup program which is used to install the application. The file has been seen being downloaded from RevenueWire's affiliate distribution platform androidroot.oneclickroot.revenuewire.net.
Publisher:
One Click Root

Product:
One Click Root

Description:
Property.ARPCOMMENTS

Version:
1.00.0188

MD5:
4b61a8b956a6ee5ade53241ef0b5e048

SHA-1:
3e20f9047ced3c261a80f3875c603c84e8f48c60

SHA-256:
36964cf3d5f21f1df8c881b01511262f4d9115d6eae0eaf53c411a60d034e76e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:22:43 PM UTC  (today)

File size:
18.4 MB (19,326,176 bytes)

Product version:
1.00.0188

Copyright:
Copyright (C) 2015 One Click Root

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\oneclickroot.exe

File PE Metadata
Compilation timestamp:
1/28/2015 6:02:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:Vw5k41MTMPOj89O27+n/xS8A20dTDQKLf12YkV2dHdKhu1C6nwg:VP415e8NK/I8AvNQJLyOLtg

Entry address:
0xC93AC

Entry point:
8B, DF, F6, C2, 36, 3D, 85, CD, 00, 00, 73, 02, 88, E2, 2D, C4, F2, 86, BA, 69, F2, 80, DE, 0A, 83, E8, 00, 00, 00, 00, 47, 87, DE, 72, 02, 0F, C8, F7, DE, 51, 77, 03, 80, CE, 7C, 5D, 8D, 35, FF, CE, CE, 48, 0F, BE, C0, 2B, CD, C6, C0, 07, 5F, C6, C2, EA, 80, C0, 1C, 03, CA, 0F, 6E, E7, B4, 03, 84, E0, F7, DE, 8B, C1, 69, F0, 06, A2, CA, DF, BD, 58, BF, 0F, 00, 89, F6, 81, F5, 9F, 03, 00, 00, C6, C0, 69, 81, ED, 89, B5, 0E, 00, C6, C6, D7, 8B, F5, 81, FA, 9D, 24, 00, 00, 73, 02, 89, CE, 55, FF, CE, 5E, 8D...
 
[+]

Entropy:
7.9651  (probably packed)

Code size:
1 MB (1,049,600 bytes)

The file oneclickroot.exe has been seen being distributed by the following URL.

http://androidroot.oneclickroot.revenuewire.net/.../download-auto

Scan oneclickroot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.