home

tdsskiller.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from media.kaspersky.com.
MD5:
82e2ad13d530836aae613c1bd226b64f

SHA-1:
1ff62210722ea5855168de9462c5ff56b1af6677

SHA-256:
d4130be8530042f54183c5f3dedd1b2cb2b8e5ccf7b842817148be6b336437d7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 1:02:59 PM UTC  (today)

File size:
4 MB (4,193,752 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\tdsskiller.exe

File PE Metadata
Compilation timestamp:
12/12/2015 1:13:14 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
98304:ZdKzSF0IcjLaaDJPPG1sUDHAZIfauUDAlG:vKzEB0ueJXGftzUDAlG

Entry address:
0x3200

Entry point:
E8, 49, 04, 00, 00, E9, 78, FE, FF, FF, 55, 8B, EC, FF, 75, 08, E8, 9C, FD, FF, FF, 59, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, F6, 45, 08, 01, 56, 8B, F1, C7, 06, 54, 43, 41, 00, 74, 0A, 6A, 0C, 56, E8, D0, FF, FF, FF, 59, 59, 8B, C6, 5E, 5D, C2, 04, 00, 55, 8B, EC, 6A, 00, FF, 15, 7C, 40, 41, 00, FF, 75, 08, FF, 15, 78, 40, 41, 00, 68, 09, 04, 00, C0, FF, 15, 64, 40, 41, 00, 50, FF, 15, 80, 40, 41, 00, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, D1, F5, 00, 00, 85, C0, 74, 05, 6A...
 
[+]

Entropy:
7.9932  (probably packed)

Code size:
74 KB (75,776 bytes)

The file tdsskiller.exe has been seen being distributed by the following URL.

http://media.kaspersky.com/utilities/VirusUtilities/.../tdsskiller.exe

Scan tdsskiller.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.