rvlkl.exe

Revealer Keylogger Pro

Logixoft

The application rvlkl.exe by Logixoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Logixoft  (signed and verified)

Product:
Revealer Keylogger Pro

Version:
2.2.0.0

MD5:
73a0bff9cc4db8a8efa832650c35d196

SHA-1:
4e0e1a45bfe7d066031e39eb1aeedaa6d0f6e48d

SHA-256:
a03318030aad00908bb204dbbe56390e7d8f01bf2b600dc6f82d37711f267ee3

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/16/2024 9:43:48 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
16.11.9.20

File size:
622.7 KB (637,608 bytes)

Product version:
2.2.0.0

Copyright:
Copyright (C) 2016 Logixoft

Original file name:
rvlkl.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\rvlkl.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
4/26/2016 9:04:46 AM

Valid to:
4/27/2019 9:04:46 AM

Subject:
CN=Logixoft, O=Logixoft, S=Bretagne, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112117D4A5842F3B784C81F4B86B98258AB4

File PE Metadata
Compilation timestamp:
11/9/2016 10:46:18 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
12288:pPwRSSDXoDY2k5/KPrLoh1et9Bba+0uJznG1cyfZk:pIRSSDNlKPuetva+fzngG

Entry address:
0x3441C

Entry point:
48, 83, EC, 28, E8, 37, 06, 00, 00, 48, 83, C4, 28, E9, 82, FE, FF, FF, CC, CC, E9, BF, 3C, 00, 00, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, C2, 48, 8D, 0D, 4D, 0B, 01, 00, 48, 89, 0B, 48, 8D, 53, 08, 33, C9, 48, 89, 0A, 48, 89, 4A, 08, 48, 8D, 48, 08, E8, 80, 2A, 00, 00, 48, 8D, 05, 5D, 0B, 01, 00, 48, 89, 03, 48, 8B, C3, 48, 83, C4, 20, 5B, C3, CC, 33, C0, 48, 89, 41, 10, 48, 8D, 05, 53, 0B, 01, 00, 48, 89, 41, 08, 48, 8D, 05, 38, 0B, 01, 00, 48, 89, 01, 48, 8B, C1, C3, CC, 40, 53, 48, 83...
 

Code size:
265.5 KB (271,872 bytes)
