home

TDSSKiller.exe

TDSSKiller

Kaspersky Lab

This is a setup program which is used to install the application. This is installed with multiple programs including TDSSKiller. The file has been seen being downloaded from download1649.mediafire.com and multiple other hosts.
Publisher:
Kaspersky Lab ZAO  (signed by Kaspersky Lab)

Product:
TDSSKiller

Description:
TDSS rootkit removing tool

Version:
2.8.16.0

MD5:
178a34e5554dce485e1262ddf027960c

SHA-1:
8c96200c80fc632d0645bf7493cd55e5cdf11cda

SHA-256:
eb7d10f674ec5563cd5f5ce644fdf99404b1f340be4ad86f3b460e25597e4c5c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 2:30:53 PM UTC  (today)

File size:
2.1 MB (2,237,968 bytes)

Product version:
2.8.16.0

Copyright:
© 1997-2013 Kaspersky Lab ZAO.

Trademarks:
Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab ZAO.

Original file name:
TDSSKiller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tdsskiller.exe

Digital Signature
Signed by:
Kaspersky Lab

Authority:
VeriSign, Inc.

Valid from:
2/14/2012 7:00:00 PM

Valid to:
3/7/2013 6:59:59 PM

Subject:
CN=Kaspersky Lab, OU=Technical dept, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kaspersky Lab, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
16E5A775120300FB3419458B40D40834

File PE Metadata
Compilation timestamp:
2/11/2013 9:51:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:0C7wT6w2baU0NXMZLgryRjHZLNjVqMVs0MdZ2Efo1H7xxi:f0T6aNgLgrq1q+sbsx7xU

Entry address:
0x3543E0

Entry point:
50, 9C, 60, E8, 0C, 01, 00, 00, 01, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, E0, 43, 35, 00, 7F, 97, 21, 00, 4C, 43, 35, 00, 91, 00, 00, 00, 98, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, E2, 34, 00, 9C, 3B, 35, 00, 20, 3F, 35, 00, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 12, 00, 7F, 97, 21, 00, 00, 56, 22, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9950  (probably packed)

Code size:
2.1 MB (2,252,800 bytes)

The file TDSSKiller.exe has been discovered within the following programs.

TDSSKiller  by Kaspersky Lab
Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits. A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API).
support.kaspersky.com/5350?el=88446
About 7% of users remove it
Virusbusters Maintenance  by The Virusbusters
www.thevirusbusters.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file TDSSKiller.exe has been seen being distributed by the following 37 URLs.

http://download1649.mediafire.com/27glh19vvt4g/.../tdsskiller.exe

http://download1742.mediafire.com/w45x112do37g/.../tdsskiller.exe

http://americas.kasperskylabs.com/HS?b=dlp5nqsxrN_nkz10b6v38YKaeXYA0gaKZQpGxtDRZUELhpB4NReKFIARRJItJcok&c=wc3_LWM-JqMnwFSveoDtLQ

http://americas.kasperskylabs.com/HS?a=ENX7C63pKWBk8SA9MOApPJTnGHxKW_VNIfcStGb5lw8W0bBhOG5mpqVsje_HheH7H1wN

https://onedrive.live.com/.../4gO9raQj9GcXrzdXXiovWyo2W kSfc07TUoJQ=3&ithint=.exe

http://fra-7m22-stor07.uploaded.net/.../64fc73d1-0f06-4258-b86e-8c9c484a70fc

http://americas.kasperskylabs.com/HS?a=ENX7C6wUZ1NE8SA9MOApPJTnGHxKW_VNJvcStGb5lw8W0bBhOG5mpqVsje_HheH7H1zp

https://dl-web.dropbox.com/get/Stuff/IT Gear/.../TDSSKiller.exe

http://americas.kasperskylabs.com/HS?b=MdSrqGE_d3qfHY_pFTr2IsvluKRHK-vKeMx-isKkRiKrUkxzfOLhQQzUbJaQc2LK&c=R_-CrCZvPHo6PrVwK1Be0A

ftp://66.241.104.42/tdsskiller.exe

https://support.kaspersky.com/downloads/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1302.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1302.livefilestore.com/.../tdsskiller.exe

https://skydrive.live.com/download.aspx?cid=F977E8B412C8AD48&resid=F977E8B412C8AD48!175&canary=

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1301.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1301.livefilestore.com/.../tdsskiller.exe

http://americas.kasperskylabs.com/HS?a=ENX7C6wvV6W88SA9MOApPJTnGHxKW_VNJvcStGb5lw8W0bBhOG5mpqVsje_HheH7H1yO

http://www.techamok.com/.../tdsskiller.exe

http://filepony.de/.../

http://filepony.de/.../

http://passthrough.fw-notify.net/download/556571/http://support.kaspersky.com/downloads/.../tdsskiller.exe

http://americas.kasperskylabs.com/HS?a=ENX7C6wD3gYJ8SA9MOApPJTnGHxKW_VNJvcStGb5lw8W0bBhOG5mpqVsje_HheH7H1NV

http://americas.kasperskylabs.com/HS?a=ENX7C6w7c7cz8SA9MOApPJTnGHxKW_VNIfcStGb5lw8W0bBhOG5mpqVsje_HheH7H1w8

http://americas.kasperskylabs.com/HS?a=ENX7C6w4Mly48SA9MOApPJTnGHxKW_VNIfcStGb5lw8W0bBhOG5mpqVsje_HheH7H1Ng

http://software.thaiware.com/download_url.php?id=797

Latest 30 of 37 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.