home

rt2rmr0jea.exe

Softacular

The application rt2rmr0jea.exe by Softacular has been detected as a potentially unwanted program by 16 anti-malware scanners.
Publisher:
Softacular  (signed and verified)

Version:
1.0.5400.13882

MD5:
d50fddc029bc41f1ad48c7922f41ff6b

SHA-1:
b6ba9d355f142bd6673fa68cc9d88b9ee8b0ab29

SHA-256:
70e659ae75134908e310138c58178cafbabac708b8d8eca5f90bc07e296b9388

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
5/19/2024 11:01:25 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/RocketTab.3886816.3
7.11.195.56

avast!
Win32:IBryte-GU [PUP]
2014.9-150519

AVG
Softacular
2016.0.3104

Baidu Antivirus
Adware.Win32.RocketTab
4.0.3.15519

Dr.Web
Trojan.iBryte.526
9.0.1.05190

ESET NOD32
MSIL/Adware.iBryte.G application
7.0.302.0

Fortinet FortiGate
Adware/IBryte
5/19/2015

F-Prot
W32/S-3ab11bd4
v6.4.7.1.166

G Data
Win32.Adware.Rockettab
15.5.24

Kaspersky
not-a-virus:AdWare.MSIL.RocketTab
15.0.0.543

McAfee
Program.Adware-RocketTab
17.6.569.0

Panda Antivirus
Trj/Chgt.H
15.05.19.09

Sophos
Generic PUA LG
4.98

Trend Micro House Call
TROJ_GEN.R00UC0EKO14
7.2.139

Trend Micro
TROJ_GEN.R00UC0EKO14
10.465.19

VIPRE Antivirus
Threat.4798837
39486

File size:
3.7 MB (3,886,816 bytes)

Product version:
1.0.5400.13882

Original file name:
Installer.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\rt2rmr0jea.exe

Digital Signature
Signed by:
Softacular

Authority:
COMODO CA Limited

Valid from:
3/23/2014 7:00:00 PM

Valid to:
3/24/2015 6:59:59 PM

Subject:
CN=Softacular, O=Softacular, STREET="4600 Madison Ave, 10th FL", L=Kansas City, S=Missouri, PostalCode=64112, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
753A79B32D5A96BF1872FDE1AC60DEEA

File PE Metadata
Compilation timestamp:
10/14/2014 3:43:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:p4XLq08NoLPgDbm0SFAD4KVjGNlVBav1CYtW:p4XLqfomb0FAcujGNpadRW

Entry address:
0x3AAC12

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.3693

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3.7 MB (3,837,440 bytes)

Remove rt2rmr0jea.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.