Online Virus Checker | v.1.0.191.174 |
DB Version: | 2024-09-28 02:00:23 |
InstallCore is a framework used by software developers to distribute their applications. It is not inherently malicious, but it is often used with potentially unwanted programs (PUPs) and adware for hidden bundling software with additional tools without clear user consent.
File | Xeno_47911164.exe |
Checked | 2024-09-27 23:18:54 |
MD5 | b726cc5078806b50c418921d57f8f797 |
SHA1 | 0a37e18e10e28c0a68f55811871d9447eaf2bee9 |
SHA256 | 4ba7ce4ec3c08b39944405e6b3cc707c70573a9c0281a10249f84d135391d8f3 |
SHA512 | 39454c17d0eaaa1cb4769d436fa68f3d2dac1111265943ced235f770e3badc68992b83b143ec295210c30032fbbd5239a743cdb16936268fbd8c9a6219afc68b |
Imphash | c3d3199e9292f8511553ab66f305c783 |
File Size | 348576 bytes |
Gridinsoft has the capability to identify and eliminate Adware.Win32.InstallCore.vl!c without requiring further user intervention.
Image Base: | 0x00400000 |
Entry Point: | 0x00415fbd |
Compilation: | 2024-09-27 13:50:36 |
Checksum: | 0x0005c72b (Actual: 0x0005c72b) |
OS Version: | 6.0 |
PDB Path: | C:\Users\Samim\Desktop\Installer\Release\Installer.pdb |
PEiD: | PE32 executable (GUI) Intel 80386, for MS Windows |
Sign: | OK |
Sections: | 5 |
Imports: | COMCTL32, KERNEL32, USER32, GDI32, ADVAPI32, SHELL32, urlmon, WININET, |
Exports: | 0 |
Resources: | 1 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00001000 | 0x00038888 | 0x00038a00 | 4a51cae3efe3de2a33092fc9364fa62e | 6.67 |
.rdata | 0x0003a000 | 0x0001466c | 0x00014800 | 8fffead2d17ffd6d5eedecb7352252b7 | 5.42 |
.data | 0x0004f000 | 0x000028d4 | 0x00001600 | 66ee0ad6dfe70d61ed4722b08e1e3d55 | 3.78 |
.rsrc | 0x00052000 | 0x00000298 | 0x00000400 | 6598ba272d10d0e631f1ab07927dfd6f | 3.91 |
.reloc | 0x00053000 | 0x00003470 | 0x00003600 | db3673b80638b4fd60bfc30601d1f9cb | 6.54 |