rmtool.exe

9-lab MRT

9-Lab

Publisher:
9-lab LLC  (signed by 9-Lab)

Product:
9-lab MRT

Description:
9-lab Malware Removal Tool

Version:
1.0.0.39

MD5:
05c79f37f86988c1c59fdb25a95c0011

SHA-1:
cdbeaf6c6b1fcd1b7a519bf4c8d0d7be7d947539

SHA-256:
28b75d528957a7474f46c334716d1cb99bde57fbd24c7ea0c7efd7b292cdfef3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:11:35 AM UTC  (today)

File size:
8.1 MB (8,442,304 bytes)

Product version:
1.0.0.39-beta

Copyright:
Copyright © 2012-2015, 9-lab LLC. All rights reserved.

Original file name:
rmtool.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\9-lab\removal tool\rmtool.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
12/24/2014 1:00:00 AM

Valid to:
1/23/2017 12:59:59 AM

Subject:
CN=9-Lab, O=9-Lab, L=Kiev, S=Ukraine, C=UA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1848D0B7BE06C62579E9C2A728671D49

File PE Metadata
Compilation timestamp:
2/10/2016 11:51:43 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
49152:eyvIGkT5FrJeTo/aBFjyahJ/SbG9kZvUTRgfIn6ksT6RBgbzKOVVT/oLG/vaI984:eBD4jyEmoI8OyvjlmTzf

Entry address:
0x622740

Entry point:
55, 53, 48, 81, EC, B8, 00, 00, 00, 48, 8B, EC, 48, C7, 45, 20, 00, 00, 00, 00, 48, C7, 45, 28, 00, 00, 00, 00, 48, C7, 45, 30, 00, 00, 00, 00, 48, C7, 45, 38, 00, 00, 00, 00, 48, C7, 45, 40, 00, 00, 00, 00, 48, C7, 45, 48, 00, 00, 00, 00, 48, C7, 45, 50, 00, 00, 00, 00, 48, C7, 45, 58, 00, 00, 00, 00, 48, C7, 45, 60, 00, 00, 00, 00, 48, C7, 45, 68, 00, 00, 00, 00, 48, C7, 45, 70, 00, 00, 00, 00, 48, C7, 45, 78, 00, 00, 00, 00, 48, C7, 85, 80, 00, 00, 00, 00, 00, 00, 00, 48, 89, AD, 88, 00, 00, 00, 90, 48...
 
[+]

Code size:
6.1 MB (6,431,744 bytes)

The file rmtool.exe has been discovered within the following program.

About 5% of users remove it
 
Powered by Should I Remove It?

Scan rmtool.exe - Powered by Reason Core Security