» revo-uninstaller-portable-1-95-32-bits.exe
Overview
Analysis
File Details
Downloads (4)

revo-uninstaller-portable-1-95-32-bits.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 113.171.224.209 and multiple other hosts.

File name:

MD5:

c581e60e67b83fc640741df7197ead86

SHA-1:

3d8a2f38779c0afdbf748a339966d01d083d6165

SHA-256:

a91fa95cfdb0feccffb99ebab32dcaa934883daa532fe7c800caf1488c8ab99c

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/28/2024 12:51:22 PM UTC (today)

File size:

2.9 MB (3,007,700 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\revo-uninstaller-portable-1-95-32-bits.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

49152:3ekSuvoUOEXLxVmURplOsZoVa6F/awkr6oLRHs7GlS8CLGxouCGmLM7yto:rsMmUBOsZuauSwc6im7GMQx8Q7r

Entry point:

50, 4B, 03, 04, 14, 00, 00, 00, 00, 00, 79, 76, E3, 42, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 1E, 00, 00, 00, 72, 65, 76, 6F, 75, 6E, 69, 6E, 73, 74, 61, 6C, 6C, 65, 72, 2D, 70, 6F, 72, 74, 61, 62, 6C, 65, 2F, 6C, 61, 6E, 67, 2F, 50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, 6B, 5E, E3, 42, 17, 15, B3, 94, BB, 2F, 00, 00, 6A, D8, 00, 00, 2A, 00, 00, 00, 72, 65, 76, 6F, 75, 6E, 69, 6E, 73, 74, 61, 6C, 6C, 65, 72, 2D, 70, 6F, 72, 74, 61, 62, 6C, 65, 2F, 6C, 61, 6E, 67, 2F, 61, 6C, 62, 61, 6E, 69, 61, 6E... 
[+]

The file revo-uninstaller-portable-1-95-32-bits.exe has been seen being distributed by the following 4 URLs.

http://113.171.224.209/.../revouninstaller.zip?ich_u_r_i=0c9461c36b2209f77d58ea33b9e07832&ich_s_t_a_r_t=0&ich_e_n_d=0&ich_k_e_y=1645018922751663462425&ich_t_y_p_e=7822&ich_d_i_s_k_i_d=10&ich_u_n_i_t=1

http://cdn.dasharchiveswarehouse.com/c?x=ry6cI NvXl9LZnQ3w7IqcVtKnXZQbzV4sPU682Ydexg=&c=SfNIRwnIfvvSBzH3IQsUT SOpk1d5ssG2/9vadImVgre41sraq3m3L6Gxayo5EheE yrCNVGC61iiOed8tL305e3nXvrV/7vc orscg4TTwYS54sf7I0MPR7LYv1BEUf&fallback_url=http://www.revouninstaller.com/.../revouninstaller.zip&downloadAs=revo-uninstaller-portable-32-bits.exe

http://www.revouninstaller.com/.../revouninstaller.zip

http://9d4da85dff3fdd198886-459beec849893df302ec58f8a71b3ad1.r61.cf1.rackcdn.com/revouninstaller.zip

Scan revo-uninstaller-portable-1-95-32-bits.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.