» TDSSKiller.exe
Overview
Analysis
File Details
Downloads (17)

TDSSKiller.exe

TDSSKiller

Kaspersky Lab

This is a setup program which is used to install the application. The file has been seen being downloaded from gslink.us and multiple other hosts.

File name:

TDSSKiller.exe

Publisher:

Kaspersky Lab ZAO (signed by Kaspersky Lab)

Product:

TDSSKiller

Description:

TDSS rootkit removing tool

Version:

3.0.0.40

MD5:

d40e7b5fbb8e0eaa7c5c294389af95ab

SHA-1:

32189c4cd08c907710e3458ec8fbd92972d76537

SHA-256:

8efd521df1f335af416dec15d5c0c6538903803aa1a8ed93aa704b384a29876b

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 3:16:32 PM UTC (today)

File size:

4 MB (4,181,856 bytes)

Product version:

3.0.0.40

Trademarks:

Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab ZAO.

Original file name:

TDSSKiller.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Kaspersky Lab

Authority:

DigiCert Inc

Valid from:

2/22/2013 1:00:00 AM

Valid to:

4/28/2015 2:00:00 PM

Subject:

CN=Kaspersky Lab, O=Kaspersky Lab, L=Moscow, C=RU

Issuer:

CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:

0226E6BDA76DAE711E3DB2321E3B5308

File PE Metadata

Compilation timestamp:

7/10/2014 10:38:25 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

98304:6fCcuw5sfsZyR96+Mw3tZS6jns8iYUlLy4ntOMVzmQR72:6fzruvsw3tZS6jnfClGgtx2

Entry address:

0x8973DC

Entry point:

50, 9C, 60, E8, 0C, 01, 00, 00, 01, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, DC, 73, 89, 00, C4, 3D, 3F, 00, 4C, 73, 89, 00, 90, 00, 00, 00, 98, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, C0, 04, 89, 00, 48, 61, 89, 00, CC, 64, 89, 00, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 80, 48, 00, C4, 3D, 3F, 00, 00, 88, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

4 MB (4,231,168 bytes)

The file TDSSKiller.exe has been seen being distributed by the following 17 URLs.

http://gslink.us/.../tdsskiller

&onid=2239&oid=3001-2239_4-75722087&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=security/antivirus&topicbrcrm=windows software&pid=13802130&mfgid=69625&merid=69625&ctype=dm&cval=NONE&devicetype=desktop&pguid=f8a588c483679c0d30ab7636&viewguid=RNmf7F0r4e8A2u1IpFCw51YRouPug2w4Juh2&destUrl=http://software-files-a.cnet.com/s/software/13/80/21/.../tdsskiller.exe

http://www.techspot.com/downloads/downloadnow/.../?evp=5b521633f540fa7034d60fed3ae1a367&file=1

http://www.giga.de/.../download.php?id=144577318

https://dl-web.dropbox.com/.../tdsskiller.exe

http://www.tamindir.com/indir/MjAxNC0wOS0yNCAwMjowMzo1OA==/kaspersky-tdsskiller/.../3.0.0.40

http://support.kaspersky.com/fr/downloads/.../tdsskiller.exe

http://www.majorgeeks.com/index.php?ct=files&action=download&

http://www.infospyware.com/.../click.php?id=22

http://192.168.0.3/.../09._Tdsskiller.exe

http://www.downloadcrew.com/?act=software.download&id=22551&t=1401478719&c=6ff5ee5f64ade9b44d10764c723008b93e1b9620

http://dc251.gulfup.com/ebClQ6.exe

http://82.235.69.160:25057/share/.../TDSSKiller.exe

http://dl.cdn.chip.de/downloads/.../tdsskiller_v-3.0.0.40.exe

http://media.kaspersky.com/utilities/VirusUtilities/.../tdsskiller.exe

http://software-files-a.cnet.com/s/software/13/80/21/.../tdsskiller.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.