How to remove $R9GCSTP.exe
- File Details
- Overview
- Analysis
$R9GCSTP.exe
The module $R9GCSTP.exe has been detected as General Threat
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
7b641e136f446860c48a3a870523249f |
| Size: |
214 KB |
| First Published: |
2017-05-22 11:23:23 (8 years ago) |
| Latest Published: |
2024-09-07 23:01:10 (a year ago) |
| Status: |
General Threat (on last analysis) |
|
| Analysis Date: |
2024-09-07 23:01:10 (a year ago) |
| %desktop%\lock\001 a my tools\nir soft\nirsoft |
| %desktop%\lock\security\nir soft\nirsoft |
| %sysdrive%\$recycle.bin\s-1-5-21-926333572-1141172302-625575263-1000 |
| %localappdata%\temp |
| %sysdrive%\windows.old\windows\system32\config\systemprofile\appdata\local |
| %temp% |
| %sysdrive%\downloads\downloads\passwordstealer-master |
| %profile%\yandexdisk\документы\soft 2013\autoplay\docs |
| %profile%\yandexdisk\документы\soft 2013\autoplay\docs\249.exe |
| %desktop% |
| chromepass.exe |
| $R9GCSTP.exe |
| WebBrowserPassView3.exe |
| ChromePass.exe |
| 7.exe |
| ChromePass.exe.mwt |
| chromepass.exe.mwt |
|
25.4% |
|
|
23.9% |
|
|
11.9% |
|
|
10.4% |
|
|
7.5% |
|
|
3.0% |
|
|
3.0% |
|
|
3.0% |
|
|
3.0% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
| Windows 10 |
70.6% |
|
| Windows 7 |
26.5% |
|
| Windows 8.1 |
1.5% |
|
| Windows 8 |
1.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0002ae90 |
| Name |
Size of data |
MD5 |
| .text |
173568 |
8364ea60857e0839dd111b0cd99a4c41 |
| .rdata |
29184 |
ddb4af9e4385704ad212edd9286d6620 |
| .data |
3584 |
bf7259f21ab19686e450616820d44df9 |
| .rsrc |
11776 |
a418f38aa6e597a29294b21d8b7e17ba |
