How to remove system32.exe
- File Details
- Overview
- Analysis
system32.exe
The module system32.exe has been detected as Trojan.Disfa
File Details
Product Name: |
|
Company Name: |
|
MD5: |
2809c27ff4dd7a526c79dc2082fec8b3 |
Size: |
120 KB |
First Published: |
2017-09-02 19:05:28 (7 years ago) |
Latest Published: |
2020-06-17 08:25:26 (4 years ago) |
Status: |
Trojan.Disfa (on last analysis) |
|
Analysis Date: |
2020-06-17 08:25:26 (4 years ago) |
%programs%\startup |
%commonappdata%\windows_loader\windows loader\1.0.0.0\temp |
%temp% |
%startup% |
%commonappdata%\windows_loader\windows loader\1.0.0.0 |
%commonappdata%\windows_loader\windows loader\1.0.0.0 |
60f0d0e0d2dd518d7530a18795742b3f.exe |
system32.exe |
|
36.4% |
|
|
27.3% |
|
|
18.2% |
|
|
9.1% |
|
|
9.1% |
|
Windows 7 |
75.0% |
|
Windows 10 |
25.0% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0001eb0e |
Name |
Size of data |
MD5 |
.text |
117760 |
e98f496321e8d64c32afd35d85e8c51e |
.sdata |
1024 |
df11e2e30ad0edda2223ac0db9d1ee0a |
.rsrc |
3072 |
327072627566dd3a7016e923c31f2e78 |
.reloc |
512 |
7e06831ec7ab85dd952b5be3722a561a |