» rescue.exe
Overview
Analysis
File Details
Programs (1)

rescue.exe

WinRescue

Super Win Software, Inc.

This file is installed with the program WinRescue 7.

File name:

rescue.exe

Publisher:

Super Win Software (signed by Super Win Software, Inc.)

Product:

WinRescue

Version:

1.8.36.45

MD5:

fdfb6a273601fbc001ef0bf747b094a4

SHA-1:

acece140a924378e123fd4d4ebc9afa43db2dfc2

SHA-256:

f1d28133699c2f871dacafe0492bfcb6659aa89f5ec97560b41cdc439202486f

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

4/25/2024 1:45:18 PM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

DLOADER.Trojan

9.0.1.0327

File size:

2.2 MB (2,323,912 bytes)

Product version:

1.08.36.0

Original file name:

rescue.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\winrescue 7\rescue.exe

Digital Signature

Signed by:

Super Win Software, Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

3/10/2010 12:00:00 AM

Valid to:

2/20/2011 11:59:59 PM

Subject:

CN="Super Win Software, Inc.", O="Super Win Software, Inc.", L=Ellsworth, S=Kansas, C=US

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

53406C42E5A5C7DF3E356F57A4F0FEA4

File PE Metadata

Compilation timestamp:

6/19/1992 11:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:q7kMo23PitCm8WmAhumfC90e6cpV4V8Kk6cgkFIJDK14vVzlxr:wkSPG84Vjk6kqK14Nzj

Entry address:

0x161B18

Entry point:

55, 8B, EC, B9, 14, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 88, 16, 56, 00, E8, 10, 59, EA, FF, 8B, 1D, B0, 65, 56, 00, 33, C0, 55, 68, C9, 29, 56, 00, 64, FF, 30, 64, 89, 20, B8, 14, B3, BD, 00, E8, 32, 32, EA, FF, A1, AC, 62, 56, 00, 8B, 00, E8, 2A, E1, F0, FF, A1, AC, 62, 56, 00, 8B, 00, BA, E0, 29, 56, 00, E8, 25, DD, F0, FF, A1, AC, 62, 56, 00, 8B, 00, BA, F4, 29, 56, 00, E8, 14, DD, F0, FF, 8B, CB, A1, AC, 62, 56, 00, 8B, 00, 8B, 15, 50, 21, 52, 00, E8, 0C, E1, F0, FF, 8B, 0D, C4, 62... 
[+]

Entropy:

6.5646

Developed / compiled with:

Microsoft Visual C++

Code size:

1.4 MB (1,449,472 bytes)

The file rescue.exe has been discovered within the following program.

WinRescue 7 by Super Win Software, Inc.

Publisher's description - “WinRescue backs up the Registry and important configuration files, packs the Registry, provides fivefold protection from system crashes, backs up any and all files that you desire, and much more.”

www.superwin.com/rescue7.htm

26% remove it

Scan rescue.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.