How to remove $R0THPZ1.exe
- File Details
- Overview
- Analysis
$R0THPZ1.exe
The module $R0THPZ1.exe has been detected as Hack.Gen
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
4798ec7788a4d768005489abbc8814d7 |
| Size: |
695 KB |
| First Published: |
2017-08-23 07:22:41 (7 years ago) |
| Latest Published: |
2020-03-19 20:47:57 (4 years ago) |
| Status: |
Hack.Gen (on last analysis) |
|
| Analysis Date: |
2020-03-19 20:47:57 (4 years ago) |
Overview
| %programfiles%\putty |
| %sysdrive%\$recycle.bin\s-1-5-21-4229025512-90616111-1513494145-1000 |
| %profile%\downloads |
| %desktop%\portable_free\programs\internet\puttyportable\app\putty |
| %desktop%\neuer ordner (6) |
| %profile%\desktop |
| %profile%\downloads\puttyportable\app\putty |
| %profile%\google drive\win kvm\source.zip\source |
| %programfiles% |
| %sysdrive%\back_sousa |
| putty.exe |
| $R0THPZ1.exe |
| PUTTY.EXE |
| putty (1).exe |
| PUTTY (2017_08_12 19_32_27 UTC).EXE |
| Enigma 2 Putty.exe |
| Baixaki_putty.exe |
|
12.7% |
|
|
9.1% |
|
|
9.1% |
|
|
5.5% |
|
|
5.5% |
|
|
5.5% |
|
|
5.5% |
|
|
5.5% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
|
3.6% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
|
1.8% |
|
| Windows 7 |
53.6% |
|
| Windows 10 |
35.7% |
|
| Windows 8.1 |
8.9% |
|
| Windows Server 2012 |
1.8% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0005c728 |
| Name |
Size of data |
MD5 |
| .text |
502784 |
189e2e6e60df3524eb115c252359a402 |
| .rdata |
154624 |
16b8a760d45736cd17af2ce21ff256e7 |
| .data |
4608 |
dff1b8c935bd3ba5a6c58be686134691 |
| .rsrc |
12288 |
2920aac29bba89a43725d4e80f639e91 |
| .reloc |
24576 |
629da1c5c502f42842bc142a6f3cb622 |
