
| File Name: 610a681c2da0c3de9a41f6eb0eef5dbd.exe |
| Original Name: devremv.EXE |
| Product Name: devremv Application |
| Company Name: eTEKa |
| Product Version: 0, 9, 2, 0 |
| File Version: 0, 9, 2, 0 |
| DB Updates: 16.02.2013 13:04:12 |
| Check: [Clean] |
| MD5: 610A681C2DA0C3DE9A41F6EB0EEF5DBD |
| ssdeep: 3072:nBuk2t0oV2ppxPZGpMRs0LH8OBSMDRA2gnz0JMxwft7kkdMbkXtSMnDPybURqMH:nv2t0ocZBQMRs0LcOpDRAxS0k kXtS4x |
| Size: 168448 |
| PE64: False |
| System: Win32 GUI |
| Entry point: 6A 34 68 9F B3 00 10 E8 59 00 00 00 E8 7E 16 00 00 59 8B 44 24 08 85 C0 75 D1 B8 3B BC 00 10 83 20 00 B8 4D C1 00 10 8D 41 28 83 38 00 75 C4 50 68 18 B8 00 10 6A FC FF 71 20 E8 88 32 00 00 83 26 |
| Name | Attrib | MD5 | Size |
| .text | 60000020 | 3CF85F78B7759946172697559D7DA7B6 | 38912 |
| .rdata | 40000040 | 7DB536A1BC65D9254ED4F5DFA6C43D64 | 74752 |
| .data | C0000040 | D077011DDCB3E03AAB71DAA80E653F48 | 47104 |
| .rsrc | 40000040 | DF72BE1A940F1BBA1E45785C543FF657 | 6656 |
| ssdeep |
| 768:nBMhkfTyRz3F4xY x9pDDdVfzP/EJVn9FdpS:nBukfTyN3Fuj595zKVnZpSa |
| 1536:WHLFpU0xPZYfmK3RMUSvZm PLH8OBSMU0OBv2RjOas2gnzP0qyMxwft:6ppxPZGpMRs0LH8OBSMDRA2gnz0JMxw9 |
| 768:0uLXs2KJh4flKfSkFSYod0kzESzIqzJNqMnMySy1DPrO91nURqWHGEHL8WvfGFW:rL8xb4dMFSqkXzhzmMn6gDPybURqK3GL |
| 96:ZQQykq3zN2RBgJi8uxisBWYgSjfKqJX2weL823xXceUhI:ZlPhgJi8uxisBWYgSjfKO2wcxRBUhI |
Signatures
| Type | Signature |
| MD5 | 610A681C2DA0C3DE9A41F6EB0EEF5DBD:168448:VirusName |
| NAC | DA371FCDA4F6F0F058BA03C3F5695512:24:VirusName |
| RIC | 01DD9658E06817738BFD89E21B994BFA:1040:VirusName |
| FIC | 2:12:UEih7k/NPuLIkthiTkkeh4ximA jBw q:UEiK/Y0w4kk 4xiMCt:95:VirusName |
| SEC | 4:.text!38912|.rdata!74752|.data!47104|.rsrc!6656:VirusName |
Removal
Using Gridinsoft Trojan Killer is recommended to automatically remove the infection described above.