roboot64.exe

Tuneup Pro

TUNEUP PRO SOFTWARE SERVICES LLP

The application roboot64.exe by TUNEUP PRO SOFTWARE SERVICES LLP has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
TUNEUP PRO SOFTWARE SERVICES LLP  (signed and verified)

Product:
Tuneup Pro

Version:
1.08.0.5326

MD5:
fec2b68d2b47a69fe6254c2deee0fa80

SHA-1:
c9dcd7b9bf42f6dcfaac025875f42195c9f8c777

SHA-256:
b727d0c66e9031d6c6fd28ea67543d6dd48756e4e5343a52c1a938b9f217491b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 9:42:37 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.TuneUpPro.Meta (M)

Engine version:
16.7.7.22

File size:
19.3 KB (19,736 bytes)

Copyright:
Copyright (C) 2013 TuneupPro.com, All rights reserved.

Trademarks:
Tuneup Pro

Original file name:
Tuneup Pro

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Windows\System32\roboot64.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/24/2014 7:00:00 PM

Valid to:
9/25/2015 6:59:59 PM

Subject:
CN=TUNEUP PRO SOFTWARE SERVICES LLP, O=TUNEUP PRO SOFTWARE SERVICES LLP, L=Jaipur, S=Rajasthan, C=IN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
35D7DB9969A26A61EA6CD98715CB2023

File PE Metadata
Compilation timestamp:
7/30/2014 3:42:55 AM

OS version:
6.0

OS bitness:
Win64

Subsystem:
Native (none required)

Linker version:
8.0

CTPH (ssdeep):
384:6Tb1L0U3eNap8l0MUHEeG7WDGnYPLPBeMrrG:2qUeMOycWDGQ1rG

Entry address:
0x247C

Entry point:
48, 83, EC, 68, 48, 8D, 0D, 69, EF, FF, FF, E8, DC, F3, FF, FF, 48, 8D, 0D, 9D, EF, FF, FF, E8, D0, F3, FF, FF, 48, 8D, 0D, D1, EF, FF, FF, E8, C4, F3, FF, FF, 48, 8D, 0D, 45, EF, FF, FF, E8, B8, F3, FF, FF, 48, 8D, 0D, C9, F0, FF, FF, E8, AC, F3, FF, FF, E8, 27, 02, 00, 00, 33, D2, 48, 8D, 4C, 24, 30, 44, 8D, 42, 30, C6, 44, 24, 78, 00, E8, CE, 0A, 00, 00, 33, D2, 48, 8D, 44, 24, 30, 48, 89, 44, 24, 28, 48, 83, 64, 24, 20, 00, 8D, 4A, 02, 41, B9, 00, 10, 00, 00, 41, B8, 00, 00, 10, 00, C7, 44, 24, 30, 30...
 

Entropy:
6.1472

Code size:
9.5 KB (9,728 bytes)
