How to remove $R4C9HE6.exe
- File Details
- Overview
- Analysis
$R4C9HE6.exe
The module $R4C9HE6.exe has been detected as Spy.Zbot
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
53c4072f15343fd545b4676aa5bfd099 |
| Size: |
44 MB |
| First Published: |
2017-08-10 20:09:44 (6 years ago) |
| Latest Published: |
2018-06-11 22:02:16 (5 years ago) |
| Status: |
Spy.Zbot (on last analysis) |
|
| Analysis Date: |
2018-06-11 22:02:16 (5 years ago) |
Overview
| %profile%\downloads |
| %sysdrive%\$recycle.bin\s-1-5-21-3645160988-3448384264-1084363188-1001 |
| %sysdrive%\filehistory\leeroy\desktop-een1n4u\data\c\users\leeroy |
| %sysdrive%\$recycle.bin |
| %profile% |
| %profile%\downloads\=samsung= |
| %profile%\downloads\saved downloads |
| %sysdrive%\i-téléchargements |
| %sysdrive%\$recycle.bin\s-1-5-21-2042916224-2951940368-548457532-1001 |
| NRT_v2.1.9.sfx.exe |
| $R4C9HE6.exe |
| NRT_v2.1.9.sfx (2017_08_14 18_12_32 UTC).exe |
| NRT_v2.1.9.sfx (2017_08_14 18_12_32 UTC) (2017_08_27 20_07_51 UTC).exe |
| $R2753LU.exe |
| $R2PDANL.exe |
| NRT_v2.1.9.sfx (1).exe |
|
41.2% |
|
|
41.2% |
|
|
5.9% |
|
|
5.9% |
|
|
5.9% |
|
| Windows 10 |
82.4% |
|
| Windows 7 |
17.6% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0001d7cb |
| Name |
Size of data |
MD5 |
| .text |
165888 |
d06d79869523ea3421d1bec81acb4dd3 |
| .rdata |
20480 |
ae7c16bd625a124b8fbf6ecc9002c4ff |
| .data |
5632 |
6754819d963e719555064632286f5a0d |
| .rsrc |
166912 |
1d20923c77a818473b1009f6d801dcfe |
