RecoverPasswords.exe

ONE UP LTD.

The executable RecoverPasswords.exe, “Tool for recovering passwords” has been detected as malware by 1 anti-virus scanner.
Publisher:
Recover Passwords  (signed by ONE UP LTD.)

Product:
Recover Passwords

Description:
Tool for recovering passwords

Version:
1.0.0.33

MD5:
fd7d6e4fef102645324781ac7305fe25

SHA-1:
203195f4f7144bb36a47031260b0ab2b270b6f0d

SHA-256:
c04f78e6971aef119657788edc7faa9aa6c3b395f3d53cc77f17d955d8d3ea44

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/24/2024 6:35:13 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Win32.Generic
16.9.29.0

File size:
17.1 MB (17,968,952 bytes)

Product version:
1.0.0.33

Copyright:
© Recover Passwords. All rights reserved.

Original file name:
RecoverPasswords.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\recover passwords\recoverpasswords.exe

Digital Signature
Signed by:

Authority:
Starfield Technologies, Inc.

Valid from:
2/16/2016 7:34:38 PM

Valid to:
4/25/2019 10:33:03 PM

Subject:
CN=ONE UP LTD., O=ONE UP LTD., L=LIMASSOL, C=CY

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
66BBF05193DB18D4

File PE Metadata
Compilation timestamp:
9/8/2016 8:56:22 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:YjiKhhBWiBqFcleToxnrFJhA/mTXZ108MXgZCHphUEkUgGkf1Z:MHGFcleToJeqwDH7UBJ1Z

Entry address:
0xABCAFC

Entry point:
55, 8B, EC, 83, C4, E8, 33, C0, 89, 45, EC, 89, 45, E8, B8, 58, 0E, EA, 00, E8, BC, EE, 54, FF, 33, C0, 55, 68, B9, CB, EB, 00, 64, FF, 30, 64, 89, 20, 8D, 55, E8, B8, 01, 00, 00, 00, E8, C9, 7E, 54, FF, 8B, 45, E8, 8D, 55, EC, E8, CA, 28, 56, FF, 8B, 45, EC, BA, D4, CB, EB, 00, E8, 6D, BA, 54, FF, A1, E0, 6B, EF, 00, 0F, 94, 00, A1, 44, 75, EF, 00, 8B, 00, E8, ED, C1, 68, FF, A1, 44, 75, EF, 00, 8B, 00, B2, 01, E8, BB, DD, 68, FF, A1, 44, 75, EF, 00, 8B, 00, BA, F0, CB, EB, 00, E8, 0E, BC, 68, FF, 8B, 0D...
 
[+]

Entropy:
6.7714

Developed / compiled with:
Microsoft Visual C++

Code size:
10.7 MB (11,251,712 bytes)

Remove RecoverPasswords.exe - Powered by Reason Core Security