slowin killer.exe

This is a setup program used to install the application. It is set to execute automatically when any user logs into Windows (through the local user run registry setting) under the name ‘SlowinKiller’. The file has been observed being downloaded from www.security-helpzone.com and multiple other hosts.
Description:
Slowin' Killer

Version:
2.0.5.0

MD5:
ba2b3d5daf225aadce9030b4f93a7fb8

SHA-1:
09991b162f77eebc2e8562294151aee02adb1a0e

SHA-256:
600aa0bd67a2e6b2dab09c73ee069216acb30afffd56d7e3cde9ab59882f6485

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 6:59:59 AM UTC

File size:
1.2 MB (1,259,520 bytes)

Product version:
3.3.13.2

Copyright:
Security-HelpZone

File type:
Executable application (Win32 EXE)

Language:
French (France)

Common path:
C:\Program Files\slowin killer\slowin killer.exe

File PE Metadata
Compilation timestamp:
7/15/2014 12:47:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:AaUxwk1euaMN9P6Zm4mimOEDWiCaHkd452Itr9ZB/JZFvaI:OwkcubvCk4HE6iCaHktaZBBjZ

Entry address:
0x25F69

Entry point:
E8, 75, CE, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, 60, A3, 4B, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, 58, 01, 4C, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00...
 

Code size:
559 KB (572,416 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SlowinKiller

Command:
C:\Program Files\slowin killer\slowin killer.exe --startup


The file slowin killer.exe has been discovered within the following program.

Slowin' Killer  by Security-HelpZone
About 3% of users remove it
 

The file slowin killer.exe has been seen being distributed by the following 2 URLs.
