| File Name | AdLock.exe |
| File Type |
PE32+ executable (GUI) x86-64, for MS Windows
|
| Scanner Version | 1.0.165.174 |
| Database Version | 2024-02-21 13:00:22 UTC |
Malware family: Gen
| Hash Type | Value | Action |
|---|---|---|
| MD5 |
7e3777988178ac3439249dd0a12a0d0e
|
|
| SHA1 |
73bd88d8d80ca8034bcc404654fff1fce8900cf0
|
|
| SHA256 |
0751372ffcbd7badab20db3d7950a2d36e2b1d1ef1304a1dd350fccfee436f01
|
|
| SHA512 |
72021d33b83f6cb4f38a9b8763f6a164079d52348ef54c7152496b6519d8bbe22ce5b70fa3ed1d4aed52e18870d002a03e8a272461b7ca96526468b82a171103
|
|
| ImpHash |
32f7bf8e11031325f29a06e430851580
|
| Icon |
Hash: 8250ec0f5cf50a1147a4e961231f6f6e
Fuzzy: 0e12f51326fc03886aef876083733a1c dHash: 68d4cce89892c468 |
| Image Base | 0x140000000 |
| Entry Point | 0x14002112c |
| Compilation Time | 2024-02-15 15:00:26 |
| Checksum | 0x00141f03 (Actual: 0x00141f03) |
| OS Version | 6.0 |
| PEiD Signatures |
PE32+ executable (GUI) x86-64, for MS Windows
|
| Digital Signature | OK |
| Imports |
9 libraries
KERNEL32, USER32, GDI32, ADVAPI32, SHELL32, ole32, OLEAUT32, COMCTL32, WINHTTP |
| Exports | 0 functions |
| Resources | 22 Resources |
| Sections | 7 Sections |
| CompanyName | Hankuper s.r.o. |
| FileDescription | AdLock |
| FileVersion | 2.1.5.3 |
| InternalName | AdLock |
| LegalCopyright | (c) Hankuper s.r.o. |
| LegalTrademarks | AdLock is registered trademark of Hankuper s.r.o. |
| OriginalFilename | AdLock.exe |
| ProductName | AdLock for Windows |
| ProductVersion | 2.1.5.3 |
| Translation | 0x0000 0x04e4 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Characteristics | MD5 |
|---|---|---|---|---|---|---|
.text |
0x00001000 |
296,732 bytes | 296,960 bytes | 6.47 (Normal) |
IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ
|
63DC412E8AC2C96E0D4310AF4A1B8E48 |
.rdata |
0x0004a000 |
107,764 bytes | 108,032 bytes | 4.94 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
CF8CEBE89E4EBD3D10028D8B1ACE6B84 |
.data |
0x00065000 |
13,884 bytes | 6,656 bytes | 3.16 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE
|
228C5F4024E8898CF2B99B77E8244175 |
.pdata |
0x00069000 |
14,208 bytes | 14,336 bytes | 5.64 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
8FBD9EAE627E068C4080EB2AB84BBFAD |
_RDATA |
0x0006d000 |
500 bytes | 512 bytes | 4.21 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
433A1685941AC8118F1507580BF10A91 |
.rsrc |
0x0006e000 |
859,448 bytes | 859,648 bytes | 2.40 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ
|
D769A71EFD83877BA434C6A1B1AC078B |
.reloc |
0x00140000 |
2,876 bytes | 3,072 bytes | 5.33 (Normal) |
IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ
|
7519C54EA535854147BCF511E2A68F9F |
| Resource Type | Count | Total Size | Percentage |
|---|---|---|---|
| RT_ICON | 12 | 856,224 bytes | |
| RT_MENU | 1 | 74 bytes | |
| RT_DIALOG | 1 | 308 bytes | |
| RT_STRING | 2 | 106 bytes | |
| RT_ACCELERATOR | 1 | 16 bytes | |
| RT_GROUP_ICON | 3 | 186 bytes | |
| RT_VERSION | 1 | 840 bytes | |
| RT_MANIFEST | 1 | 402 bytes |
This file is not digitally signed.
⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources
OK
Gridinsoft has the capability to identify and eliminate PUP.Win64.Gen.dd!c without requiring further user intervention.
Download Anti-MalwareFollow these steps to completely remove the threat from your system
