tindertop.exe

TinderTop

The executable tindertop.exe has been detected as malware by 1 anti-virus scanner. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘TinderTop’.
Publisher:
TinderTop  (signed and verified)

MD5:
00b1f77f3cc97ecad10c674be859d831

SHA-1:
b922e1a7026540b9ffc838f2b46e6f61f3ef92b2

SHA-256:
f6120da631979c78b3f1e2e74fd821ebcd7697ff88a8f05ceebee2c9f22d33ea

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/5/2024 6:55:43 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.1.0

File size:
49 MB (51,349,736 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\tindertop\tindertop.exe

Digital Signature
Signed by:

Authority:
TinderTop

Valid from:
10/17/2015 6:50:58 AM

Valid to:
10/14/2025 6:50:58 AM

Subject:
CN=TinderTop, O=TinderTop, S=Some-State, C=AU

Issuer:
CN=TinderTop, O=TinderTop, S=Some-State, C=AU

Serial number:
00EFDC498B7AF73041

File PE Metadata
Compilation timestamp:
2/20/2016 12:43:51 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1C9A031

Entry point:
E8, 5A, 3A, 01, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 55, 0C, A1, 20, A8, EC, 02, F7, D2, 8B, 4D, 08, 23, D0, 23, 4D, 0C, 0B, D1, 89, 15, 20, A8, EC, 02, 5D, C3, E8, 09, 21, 00, 00, 85, C0, 74, 08, 6A, 16, E8, CC, 21, 00, 00, 59, F6, 05, 20, A8, EC, 02, 02, 74, 21, 6A, 17, E8, D9, 20, 60, 00, 85, C0, 74, 05, 6A, 07, 59, CD, 29, 6A, 01, 68, 15, 00, 00, 40, 6A, 03, E8, A9, F8, FF, FF, 83, C4, 0C, 6A, 03, E8, 16, FC, FF, FF, CC, 55, 8B, EC, 8D, 45, 18, 50, 6A, 00, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75...
 
[+]

Code size:
34.9 MB (36,634,112 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
TinderTop

Command:
C:\users\{user}\appdata\roaming\tindertop\tindertop.exe su


Remove tindertop.exe - Powered by Reason Core Security