rvlkl.exe

Revealer Keylogger Pro

Logixoft

The application rvlkl.exe by Logixoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Logixoft  (signed and verified)

Product:
Revealer Keylogger Pro

Version:
2.2.2.0

MD5:
6139dedba18185cb55b5bf68d7ead1e7

SHA-1:
9eff9538e654103ba5cbb5be99906b8bf3bc9be0

SHA-256:
47018cacc9ef567f80c0d07645609138fd6c24f345b94803a2fd3e2ffda63f5b

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
11/16/2024 9:51:11 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.20.23

File size:
622.1 KB (637,000 bytes)

Product version:
2.2.2.0

Copyright:
Copyright (C) 2017 Logixoft

Original file name:
rvlkl.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\rvlkl.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
4/26/2016 5:04:46 AM

Valid to:
4/27/2019 5:04:46 AM

Subject:
CN=Logixoft, O=Logixoft, S=Bretagne, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112117D4A5842F3B784C81F4B86B98258AB4

File PE Metadata
Compilation timestamp:
2/17/2017 7:17:44 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
14.0

Entry address:
0x3465C

Entry point:
48, 83, EC, 28, E8, 4B, 06, 00, 00, 48, 83, C4, 28, E9, 82, FE, FF, FF, CC, CC, E9, BF, 3C, 00, 00, CC, CC, CC, 40, 53, 48, 83, EC, 20, 48, 8B, D9, 48, 8B, C2, 48, 8D, 0D, 0D, 09, 01, 00, 48, 89, 0B, 48, 8D, 53, 08, 33, C9, 48, 89, 0A, 48, 89, 4A, 08, 48, 8D, 48, 08, E8, 80, 2A, 00, 00, 48, 8D, 05, 1D, 09, 01, 00, 48, 89, 03, 48, 8B, C3, 48, 83, C4, 20, 5B, C3, CC, 33, C0, 48, 89, 41, 10, 48, 8D, 05, 13, 09, 01, 00, 48, 89, 41, 08, 48, 8D, 05, F8, 08, 01, 00, 48, 89, 01, 48, 8B, C1, C3, CC, 40, 53, 48, 83...

Entropy:
6.3306

Code size:
266 KB (272,384 bytes)
