How to remove $REBYWQU.exe
- File Details
- Overview
- Analysis
$REBYWQU.exe
The module $REBYWQU.exe has been detected as Hack.Patcher
File Details
| MD5: |
89504912f9ef4346b842debdd913c9b3 |
| Size: |
914 KB |
| First Published: |
2020-04-19 03:15:22 (4 years ago) |
| Latest Published: |
2022-07-08 23:58:13 (2 years ago) |
| Status: |
Hack.Patcher (on last analysis) |
|
| Analysis Date: |
2022-07-08 23:58:13 (2 years ago) |
| %sysdrive%\$recycle.bin |
| %desktop% |
| %desktop% |
| %programfiles% |
| %programfiles% |
| %sysdrive%\$recycle.bin |
| %sysdrive%\a\abbaspc.net_gridinsoft anti-_ 4.1.40 |
| %profile%\downloads |
| %temp%\rar$exb0.900\gridinsoft.anti-malware.4.1.40_yasdl.com |
| %desktop%\gridinsoft anti-malware 4.1.40 multilingual |
|
13.2% |
|
|
10.3% |
|
|
4.9% |
|
|
4.9% |
|
|
4.9% |
|
|
4.1% |
|
|
3.3% |
|
|
3.3% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
2.5% |
|
|
2.5% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
1.6% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
1.2% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.8% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
| Windows 10 |
73.9% |
|
| Windows 7 |
19.4% |
|
| Windows 8.1 |
5.9% |
|
| Windows 8 |
0.8% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0000102b |
| Name |
Size of data |
MD5 |
| .text |
512 |
4c584307e5aa70f515ee8c3d942e5f6c |
| .rdata |
512 |
e5aa65265e17d8a1b524adbc10c0a1ad |
| .data |
512 |
f8fedf1be1122ff5cd0e5b4716311cc5 |
| .rsrc |
932864 |
78e8444985634eb394c47d0e2033a88b |
| .reloc |
512 |
2e6554ffc943448b686d85ad68f9ec9a |
