» print_spooler_repair_tool_for_windows8.exe
Overview
Analysis
File Details
Downloads (1)

print_spooler_repair_tool_for_windows8.exe

Print Spooler Repair Tool

Techsupportall.com

The executable print_spooler_repair_tool_for_windows8.exe, “Repair print spooler service” has been detected as malware by 11 anti-virus scanners. The file has been seen being downloaded from www.techsupportall.net.

File name:

Publisher:

Techsupportall.com

Product:

Print Spooler Repair Tool

Description:

Repair print spooler service

Version:

1.0.0.0

MD5:

75f6cc3b9d91fb36827052daa68ab459

SHA-1:

44b85c2b29c6b84fa020c9aead696e588877cb0e

SHA-256:

ec99f7ce67dce348254e52fb194ac592446e0fceff485a62a95f4ce85d92dd3c

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

5/3/2024 9:09:40 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Agent.921624

7.11.137.132

avast!

Win32:Malware-gen

2014.9-140917

Baidu Antivirus

Trojan.Win32.Fednu

4.0.3.14917

Dr.Web

Trojan.MulDrop5.5859

9.0.1.0260

K7 AntiVirus

Trojan

13.176.11451

McAfee

Artemis!75F6CC3B9D91

5600.7004

NANO AntiVirus

Trojan.Win32.AVKill.coewxb

0.28.0.58394

Norman

Suspicious_Gen7.XI

11.20140917

Qihoo 360 Security

Malware.QVM07.Gen

1.0.0.1015

Rising Antivirus

PE:Trojan.Win32.Fednu.ujp!1075352388

23.00.65.14915

Vba32 AntiVirus

Trojan.RAR.Qhost

3.12.24.3

File size:

900 KB (921,624 bytes)

Product version:

1.0.0.0

2015

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

File PE Metadata

Compilation timestamp:

11/23/2011 6:41:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

6.0

CTPH (ssdeep):

12288:6yu8gCTiJiYNadtDIC4W43ksPZE5SqG2VcV8XX7xe9DPBi3/2Kmm97Wb9cd:6yu8gCTX8aTUC5akaa5qZV8Xrg9Deb7z

Entry address:

0x5C8E

Entry point:

55, 8B, EC, 6A, FF, 68, 10, D1, 40, 00, 68, 04, 84, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 10, 53, 56, 57, 89, 65, E8, FF, 15, 38, D0, 40, 00, 33, D2, 8A, D4, 89, 15, D0, 0C, 41, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, CC, 0C, 41, 00, C1, E1, 08, 03, CA, 89, 0D, C8, 0C, 41, 00, C1, E8, 10, A3, C4, 0C, 41, 00, 6A, 00, E8, E4, 25, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, 9A, 00, 00, 00, 59, 83, 65, FC, 00, E8, 04, 11, 00, 00, FF, 15, 34, D0, 40, 00, A3, E4, 4C, DE, 00, E8... 
[+]

Entropy:

7.4168

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

48 KB (49,152 bytes)

The file print_spooler_repair_tool_for_windows8.exe has been seen being distributed by the following URL.

http://www.techsupportall.net/.../Print_Spooler_Repair_Tool_For_windows8.exe

Remove print_spooler_repair_tool_for_windows8.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.