home

removefakeantivirus.exe

MD5:
78b7afcbdc973998cd635b90bfb50060

SHA-1:
cdf66fe1c625311d7edb13a73a3e33467936031f

SHA-256:
d2545625d92756576903c2f52a566012640514e70868b94a7dffcc03731df7b9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
1/15/2025 6:02:16 PM UTC  (today)

File size:
8 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\removefakeantivirus.exe

File PE Metadata
OS bitness:
Win64

Entry point:
57, 72, 6F, 6E, 67, 20, 49, 50...
 
[+]

Entropy:
3.0000

The file removefakeantivirus.exe has been seen being distributed by the following 14 URLs.

https://d19.usercdn.com/d/.../Office2003SP3-KB923618-FullFile-ENU.exe

http://dl-file.com/.../FarmingSimulator2017Patch1.3.exe.html

http://dl-file.com/.../FarmingSimulator2017Patch1.3.1.exe.html

http://stn034.rfservers.eu:182/d/.../R1CK.&.M0R7Y.2x7.VOSE.m720p.avi

https://userscloud.com/rykxlxm4frya

http://ourupload.xyz/cgi-bin/dl.cgi/.../BlueStacks App Player Pro v2.1.7.5658 - .exe

http://www.tusfiles.net/as8aplazpiyc

http://5.152.222.138/.../v.flv

http://89.40.181.19/.../v.mp4

http://50.7.161.10/.../v.mp4

http://files6.mediafree.co:182/d/.../Lightroom_CC_6.4.MaZiKa2daY.CoM.rar

http://192.96.205.169:182/d/.../AC4_patch_v1.03_nosTEAM.exe

http://192.96.205.169:182/d/.../AC4_patch_v1.03_nosTEAM.exe

http://192.96.205.169:182/d/.../SimCity_patch_nosTEAM.exe

Scan removefakeantivirus.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.