home

rafotefo.exe

Dodagade Gimuhafah Hema

Monehocore Ltd.

Publisher:
Monehocore Ltd.

Product:
Dodagade Gimuhafah Hema

Version:
3.7.14.86

MD5:
e6df43e98e5e8b5b9de9e98495e016f3

SHA-1:
daf433fa24195e076394def522d2cc1f464981a3

SHA-256:
343634e1fc48fa21a30f948b6bd3bc58568e95dc6c5773b8570aa42d144cb939

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/1/2025 7:23:50 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/DealPly.EC potentially unwanted application
6.3.12010.0

File size:
604 KB (618,496 bytes)

Product version:
3.3.29.11

Copyright:
Monehocore Ltd. © All Rights Reserved

Original file name:
kuso.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\rafotefo.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x8EE44

Entry point:
55, 8B, EC, 83, C4, F4, B8, 7C, ED, 48, 00, E8, C8, 60, F7, FF, A1, 78, F9, 48, 00, 8B, 00, E8, 44, 4C, F9, FF, 8B, 0D, 00, FA, 48, 00, A1, 78, F9, 48, 00, 8B, 00, 8B, 15, 50, 5E, 42, 00, E8, 44, 4C, F9, FF, A1, 78, F9, 48, 00, 8B, 00, E8, C4, 4C, F9, FF, E8, 73, 45, F7, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8915

Developed / compiled with:
Microsoft Visual C++

Code size:
568 KB (581,632 bytes)

Scan rafotefo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.