OcdmBootstrapper.exe

Pokki Download Helper

Pokki

The executable OcdmBootstrapper.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
Pokki  (signed and verified)

Product:
Pokki Download Helper

Version:
1.1.0.259

MD5:
1458e8cd2956e05290b43485066bec09

SHA-1:
64bf79ca9bef8039bf9a19a721e31da24bf7129a

SHA-256:
fd543b3e9cf3fd1b5e0f1dcf2e547610d074225750a746982aa01c15dd35e46d

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
4/25/2024 10:12:51 PM UTC

Scan engine:
Reason Heuristics

Detection:
Win32.Generic

Engine version:
16.2.5.6

File size:
740.3 KB (758,056 bytes)

Product version:
1.1.0.259

Copyright:
Copyright Pokki

Original file name:
OcdmBootstrapper.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\apps\2.0\q8agjj3t.bzc\jd7kmxxp.7ez\ocdm..tion_62ad989939137377_0001.0001_7416a3140d80c9ed\ocdmbootstrapper.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
4/25/2011 8:00:00 PM

Valid to:
4/25/2012 7:59:59 PM

Subject:
CN=Pokki, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Pokki, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1BCDD0BBE1C67F61E5879491CE2ACB69

File PE Metadata
Compilation timestamp:
6/27/2011 7:58:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:p+biBioug7usXnWHxqOkehyrgKYT4toY3Afqv+lHuy5IUGuKO0:pfvu8usG4xnrgKYT4O2mlOy5+O0

Entry address:
0xB66CE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.7448

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
724 KB (741,376 bytes)
