home

rmdptor.exe

MD5:
1a9de9d1af35b56dcda5b8e6a183e298

SHA-1:
0c96d0041c0c1bc220868815971ab554e85f7765

SHA-256:
1325221dc86de12c4cb3804ce0a7507f3d4f024ccf0b0d7a705aeb7c07bd675c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 4:00:41 AM UTC  (today)

File size:
25.4 KB (25,968 bytes)

File type:
Executable application (Win64 EXE)

File PE Metadata
OS version:
60364.37117

OS bitness:
Win64

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:CaygSQIGrIZst0YboZG4ffVVPjuVeS5mL7TDr4DiQ2:ZoGrIZst0TZxNVxbDsGQ2

Entry address:
0x1920

Entry point:
4D, 5A, 70, 01, 33, 00, 06, 00, 04, 00, DE, 00, FF, FF, B1, 06, 00, 08, 00, 00, 72, 17, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 1D, 18, 00, 00, AA, 18, 00, 00, 20, 19, 00, 00, 72, 19, 00, 00, 97, 19, 00, 00, CA, 19, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, CC, EB, FD, 90, 90, 90, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 53, 89, D3, 3D, 01, 00, 7E, 08, 8B, 47, 02, E8, 5E, 15, 5B, C3, 31, C0, E8, 57, 15, 5B, C3, 00, 00, 00, 00, 00, 00, 00, 00, 00, 53, 51, 57, 89, C3, C7, 87, 32, 02, 52, 03, C7, 87, FA, 01, 00...
 
[+]

Entropy:
6.8931

The file rmdptor.exe has been seen being distributed by the following 3 URLs.

http://www.avg.hu/download/.../rmdptor.exe

http://aa-download.avg.com/filedir/util/.../rmdptor.exe

http://download.avg.com/filedir/util/.../rmdptor.exe

Scan rmdptor.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.