googlecrashhandler64.exe

The executable googlecrashhandler64.exe has been detected as malware by 9 anti-virus scanners.
MD5:
9ea8c0e9a3f14fe3848eb0979a87b646

SHA-1:
482e82bbeb2b4e51c332bf880e8dfe48d1f6d679

SHA-256:
d125ffe9e9766c69f514121d4c12f92d76b62c08c79bfb7c1ac55ca6f4f34c79

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/25/2024 6:40:07 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | Worm/Win32.Runouce | 2015.05.10 |
| Avira AntiVirus | TR/Trash.Gen | 7.11.30.172 |
| Bitdefender | Win32.Worm.Nimda.O | 1.0.20.940 |
| Fortinet FortiGate | W32/Runouce.B@mm | 7/7/2015 |
| G Data | Win32.Worm.Nimda | 15.7.25 |
| IKARUS anti.virus | Email-Worm.Win32.Runouce | t3scan.1.8.9.0 |
| Panda Antivirus | W32/Chir.P.worm | 15.07.07.03 |
| Rising Antivirus | PE:Worm.Runouce!1.9DC6 | 23.00.65.15705 |
| Sophos | W32/Chir-B | 4.98 |

File size:
280.3 KB (287,048 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\googlecrashhandler64.exe

File PE Metadata
Compilation timestamp:
1/21/2015 5:23:51 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:2/oqcFyBzE8rX9cLH1JdKGD/2aLmTlN2xEGEsqYo0DuN4oKjTw7sQN+L:0o6t7rX9OzD/2qA07q1N4VjShN+L

Entry address:
0x1FDB0

Entry point:
48, 83, EC, 28, E8, 8F, 16, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, 48, 85, C9, 74, 37, 53, 48, 83, EC, 20, 4C, 8B, C1, 48, 8B, 0D, 58, 00, 02, 00, 33, D2, FF, 15, D0, 17, 01, 00, 85, C0, 75, 17, E8, 5B, 17, 00, 00, 48, 8B, D8, FF, 15, C6, 17, 01, 00, 8B, C8, E8, 03, 17, 00, 00, 89, 03, 48, 83, C4, 20, 5B, C3, CC, CC, CC, 48, 83, EC, 28, 48, 8B, 01, 81, 38, 63, 73, 6D, E0, 75, 2B, 83, 78, 18, 04, 75, 25, 8B, 40, 20, 3D, 20, 05, 93, 19, 74, 15, 3D, 21, 05, 93, 19, 74, 0E, 3D, 22, 05, 93, 19, 74...
 

Entropy:
6.2909

Code size:
190.5 KB (195,072 bytes)
