texteditor.exe
IT CONSULT LLC
The executable texteditor.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘TextEditor’.
MD5:
ff90820e024f040967e05dfa05927317
SHA-1:
6c7dc6ab693be7e7e68d2032a11c4351a157d2d0
SHA-256:
522041962031cfd59ca542483b72fa4eaddb42264f3bdb3b85e925906a3584f1
Scanner detections:
1 / 68
Analysis date:
12/24/2024 5:05:32 PM UTC (today)
Scan engine
Detection
Engine version
Reason Heuristics
PUP (M)
17.1.10.11
File size:
184.2 KB (188,576 bytes)
File type:
Executable application (Win32 EXE)
Common path:
C:\users\{user}\appdata\roaming\texteditor\daemon\texteditor.exe
Authority:
COMODO CA Limited
Valid from:
12/7/2015 2:00:00 AM
Valid to:
12/7/2016 1:59:59 AM
Subject:
CN=IT CONSULT LLC, OU=IT, O=IT CONSULT LLC, STREET="prov. Okhtyrskyy, 7", L=Kyyiv, S=Kyyiv, PostalCode=03022, C=UA
Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Serial number:
00D5D544D7B91FA5FC0ED6FC17A58E809E
Compilation timestamp:
11/26/2015 12:44:12 PM
Code size:
87 KB (89,088 bytes)
Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Command:
"C:\users\{user}\appdata\roaming\texted~1\daemon\texted~1.exe"