TDSSKiller.exe

TDSSKiller

Kaspersky Lab

This is a setup program used to install the application. It is installed with multiple programs, including TDSSKiller. The file has been seen being downloaded from download1649.mediafire.com and multiple other hosts.
Publisher:
Kaspersky Lab ZAO  (signed by Kaspersky Lab)

Product:
TDSSKiller

Description:
TDSS rootkit removing tool

Version:
2.8.16.0

MD5:
178a34e5554dce485e1262ddf027960c

SHA-1:
8c96200c80fc632d0645bf7493cd55e5cdf11cda

SHA-256:
eb7d10f674ec5563cd5f5ce644fdf99404b1f340be4ad86f3b460e25597e4c5c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:30:53 PM UTC

File size:
2.1 MB (2,237,968 bytes)

Product version:
2.8.16.0

Copyright:
© 1997-2013 Kaspersky Lab ZAO.

Trademarks:
Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab ZAO.

Original file name:
TDSSKiller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tdsskiller.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/14/2012 7:00:00 PM

Valid to:
3/7/2013 6:59:59 PM

Subject:
CN=Kaspersky Lab, OU=Technical dept, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kaspersky Lab, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
16E5A775120300FB3419458B40D40834

File PE Metadata
Compilation timestamp:
2/11/2013 9:51:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:0C7wT6w2baU0NXMZLgryRjHZLNjVqMVs0MdZ2Efo1H7xxi:f0T6aNgLgrq1q+sbsx7xU

Entry address:
0x3543E0

Entry point:
50, 9C, 60, E8, 0C, 01, 00, 00, 01, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, E0, 43, 35, 00, 7F, 97, 21, 00, 4C, 43, 35, 00, 91, 00, 00, 00, 98, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, E2, 34, 00, 9C, 3B, 35, 00, 20, 3F, 35, 00, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 12, 00, 7F, 97, 21, 00, 00, 56, 22, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.9950  (probably packed)

Code size:
2.1 MB (2,252,800 bytes)

The file TDSSKiller.exe has been discovered within the following programs.

TDSSKiller by Kaspersky Lab
Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits. A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API).
support.kaspersky.com/5350?el=88446
About 7% of users remove it

Virusbusters Maintenance by The Virusbusters
www.thevirusbusters.com
About 1% of users remove it
 

The file TDSSKiller.exe has been seen being distributed by the following 37 URLs.

http://download1649.mediafire.com/27glh19vvt4g/.../tdsskiller.exe

http://download1742.mediafire.com/w45x112do37g/.../tdsskiller.exe

ftp://66.241.104.42/tdsskiller.exe

Latest 30 of 37 download URLs