How to remove $R2HNLZA.exe
- File Details
- Overview
- Analysis
$R2HNLZA.exe
The module $R2HNLZA.exe has been detected as Trojan.Khalesi
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
8f4628860a121af82d8426f8ec5e8bce |
| Size: |
968 KB |
| First Published: |
2023-09-28 23:16:01 (2 years ago) |
| Latest Published: |
2023-12-21 23:19:34 (2 years ago) |
| Status: |
Trojan.Khalesi (on last analysis) |
|
| Analysis Date: |
2023-12-21 23:19:34 (2 years ago) |
| %sysdrive%\$recycle.bin |
| %programfiles%\autohotkey |
| %profile%\downloads\autohotkey_1.1.37.01_setup.exe |
| %programfiles%\autohotkey |
| %programfiles%\autohotkey |
| %programfiles%\autohotkey |
| %programfiles%\autohotkey |
| %programfiles%\autohotkey |
| %programfiles%\autohotkey |
|
33.3% |
|
|
22.2% |
|
|
22.2% |
|
|
11.1% |
|
|
11.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0009d2f0 |
| Name |
Size of data |
MD5 |
| .text |
704512 |
40081e2df661082b0a3d5b9047e6e0ea |
| .rdata |
156160 |
cbda092e0ec7ab635b60505424c96b3f |
| .data |
13312 |
575b9d484a77ae6a9498d5f783b0fd00 |
| .rsrc |
116736 |
c9abff44507aeaf52ea92608540b2c23 |
