home

rexlauncher v3.2.exe

Cobind

The application rexlauncher v3.2.exe by Cobind has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Cobind  (signed and verified)

MD5:
57ea049f94f7e8dbff3591be2c5f5296

SHA-1:
d760bc239f5c1b6876a9b2f0a87a4baf1000ec23

SHA-256:
6727448db3c2551a730d08e8ffeff2533c8d3293e4d3eb8587a917931c1f7651

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 7:42:42 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Cobind.Kryptic (M)
16.10.4.11

File size:
6.6 MB (6,960,544 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Cobind

Authority:
Cobind

Valid from:
8/5/2016 3:36:03 PM

Valid to:
8/3/2026 3:36:03 PM

Subject:
E=admin@cobind.com, CN=cobind.com, OU=Ques Unit, O=Cobind, L=New York City, S=New York, C=US

Issuer:
E=admin@cobind.com, CN=cobind.com, OU=Ques Unit, O=Cobind, L=New York City, S=New York, C=US

Serial number:
00ABF3127C9761E782

File PE Metadata
Compilation timestamp:
8/7/2016 1:49:52 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
196608:E9epe4eeCjr9dIBVoE6e9lZSaQkx2DXoPQ6K4wlrER:2epe4eeCjr9dP5f4Q6KhxER

Entry address:
0x690FAE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 03, 00, 00, 00, 20, 00, 00, 80, 0E, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.6 MB (6,877,184 bytes)

Remove rexlauncher v3.2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.