home

reimagerepair.exe

The application reimagerepair.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from cdnrep.reimage.com.
MD5:
a480f04fda59a6fdc61e8ba6cf63ca3d

SHA-1:
35804d0b9cb07250c33982bb237bf8a6d1106ef8

SHA-256:
273972f04005fdb5670d6724aa7469d34fcc1fff116386c89563b049e23ef286

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/20/2024 1:09:32 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Reimage (L)
16.7.25.15

File size:
777.4 KB (796,108 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\reimagerepair.exe

File PE Metadata
Compilation timestamp:
2/24/2012 8:20:04 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:igYLyhHHZbukCsXxGuGrLE9YzewxnK3RTo9+phNxO0gcCre50ET3cfE/KyZESelY:i/LyhHHZukCuWXE0pnmq4X0EwfE/PC8

Entry address:
0x38AF

Entry point:
F8, F6, 46, 14, 04, 5F, 74, 0A, 50, FF, 75, 08, FF, 15, 3C, 90, 40, 00, F6, 46, 14, 10, 74, 21, 8B, 46, 08, 89, 45, F4, 8B, 46, 0C, 85, C0, 74, 07, 50, FF, 15, 44, 90, 40, 00, 8D, 45, F4, 50, FF, 15, 48, 90, 40, 00, 89, 46, 0C, 8B, 46, 0C, EB, 02, 33, C0, 5E, C9, C2, 08, 00, 68, F0, A2, 40, 00, 68, A8, 30, 4D, 00, 68, 40, 62, 47, 00, E8, 81, 21, 00, 00, 50, E8, 94, 28, 00, 00, 50, E8, 91, 21, 00, 00, C3, 53, 55, 56, 57, BF, C0, F0, 4D, 00, 57, BE, FF, FF, 00, 00, E8, C1, 20, 00, 00, 0F, B7, D8, 8B, 0D, E4...
 
[+]

Code size:
29 KB (29,696 bytes)

The file reimagerepair.exe has been seen being distributed by the following URL.

http://cdnrep.reimage.com/.../ReimageRepair.exe

Remove reimagerepair.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.