home

oneclickroot.exe

One Click Root

This is a setup program which is used to install the application. The file has been seen being downloaded from RevenueWire's affiliate distribution platform hkrathnayaka.oneclickroot.revenuewire.net.
Publisher:
One Click Root

Product:
One Click Root

Description:
Property.ARPCOMMENTS

Version:
1.00.0192

MD5:
7df70c5a8e84aa4c36802a13edfd7285

SHA-1:
c01915b9418061d24352c4982c7f679e114022df

SHA-256:
ff8104ba89051feafe1ea08be8c66b98badaa2e87c3daf3e535268e54777c626

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/29/2024 11:57:24 AM UTC  (today)

File size:
18.4 MB (19,325,104 bytes)

Product version:
1.00.0192

Copyright:
Copyright (C) 2016 One Click Root

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\downloads\oneclickroot.exe

File PE Metadata
Compilation timestamp:
1/28/2015 6:02:13 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:zC5J41MTMPOj89O27+n/xS8A20dTDQKLf12YkV2dHdKhupwebME:zI415e8NK/I8AvNQJLyO+wer

Entry address:
0xC93AC

Entry point:
68, 5F, 85, 42, 00, F6, C2, 86, 8D, 15, 64, 09, A4, 38, B8, AC, D2, 00, 00, FF, C2, 2D, E9, 67, 00, 00, 3B, DE, 75, 03, 0F, AF, F7, 2B, C8, 8A, E6, 81, E9, 6F, 0D, 00, 00, 23, D0, B3, 99, FF, C8, 31, F6, F6, C6, D2, 8D, 3D, 8B, 04, 00, 00, 0F, AF, D0, 81, F7, 8B, 04, 00, 00, 85, DF, 12, C6, 01, D0, 81, C7, 6F, F1, FF, FF, 0F, AF, EE, 81, C7, 92, 0E, 00, 00, 88, C1, B1, 3F, 81, FF, 27, 09, 00, 00, 72, DF, 73, 0E, F7, C2, 97, EB, EC, 85, F7, C7, 84, 1D, 6C, B3, 0F, CA, 68, D1, 22, 00, 00, E8, 00, 00, 00, 00...
 
[+]

Entropy:
7.9651  (probably packed)

Code size:
1 MB (1,049,600 bytes)

The file oneclickroot.exe has been seen being distributed by the following URL.

http://hkrathnayaka.oneclickroot.revenuewire.net/.../download

Scan oneclickroot.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.