reimagerepair.exe

Reimage Repair

Reimage

The application reimagerepair.exe, “Reimage Downloader”, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup program used to install the application. The file has been seen being downloaded from cdnrep.reimage.com.
Publisher:
Reimage

Product:
Reimage Repair

Description:
Reimage Downloader

Version:
1.536

MD5:
aa7029c35eead5bf6f5f23179a37a7c5

SHA-1:
412007d7b31e0dbb454fda840143ee0705e84297

SHA-256:
c498cbc0dd42858759092d01dc36a954686eb993d94529bfd4609ca0270d12ca

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 3:31:29 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Reimage (L)

Engine version:
16.8.10.15

File size:
763.5 KB (781,790 bytes)

Product version:
1.536

Copyright:
© Reimage 2016

Trademarks:
Reimage

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\reimagerepair.exe

File PE Metadata
Compilation timestamp:
2/24/2012 11:19:59 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:9EEvVPOiS5LHMJ7uHdb0OSn29SzAp92BGEAJygn2P+57htL3fFwP8FMo7F/BCh:9f9Wi+LHMEBSzApIB/DenL9Q3oB/C

Entry address:
0x30C000

Entry point:
B9, F5, 1E, 2F, 00, 68, 24, C0, 70, 00, 5E, 90, BF, 98, 05, 00, 00, 90, 90, FF, 34, 3E, 31, 0C, 24, 8F, 04, 3E, 90, 90, 83, EF, 03, 4F, 90, 90, 75, ED, 90, 90, 1D, 63, 2E, 00, F5, 1E, 2F, 00, F5, 1E, 6F, 00, 16, 27, 2F, 00, 45, 28, 26, 00, 2B, 23, 26, 00, F5, AE, 2D, 00, F4, 1E, 2F, 00, 95, 9E, 6F, 00, 7F, BE, 6F, 00, 6D, BE, 6F, 00, 8D, 8E, 2F, 00, 7D, BE, 2F, 00, 63, BE, 2F, 00, 95, 6A, 2F, 00, 7D, BE, 2F, 00, 63, BE, 2F, 00, F5, 1E, 2F, 00, F5, 1E, 2F, 00, F5, 1E, 2F, 00, F5, 1E, 2F, 00, F5, 1E, 2F, 00...
 

Entropy:
7.9054  (probably packed)

Code size:
28 KB (28,672 bytes)

The file reimagerepair.exe has been seen being distributed by the following URL.
