How to remove $RF8DCYW.exe
- File Details
- Overview
- Analysis
$RF8DCYW.exe
The module $RF8DCYW.exe has been detected as Adware.Amonetize
File Details
MD5: |
48514d6aa4696a8fde76049b3c21da18 |
Size: |
1 MB |
First Published: |
2017-05-27 08:00:56 (6 years ago) |
Latest Published: |
2020-10-18 22:20:39 (3 years ago) |
Status: |
Adware.Amonetize (on last analysis) |
|
Analysis Date: |
2020-10-18 22:20:39 (3 years ago) |
Overview
%sysdrive%\torrentex |
%sysdrive%\$recycle.bin\s-1-5-21-2865926441-479222758-3681480021-1000 |
%sysdrive%\sandbox\a-kris1961\defaultbox\drive\c\torrentex |
%sysdrive% |
%sysdrive% |
%sysdrive% |
unins000.exe |
$RF8DCYW.exe |
|
16.3% |
|
|
16.3% |
|
|
7.0% |
|
|
7.0% |
|
|
7.0% |
|
|
7.0% |
|
|
7.0% |
|
|
4.7% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
|
2.3% |
|
Windows 7 |
48.8% |
|
Windows 10 |
37.2% |
|
Windows 8.1 |
9.3% |
|
Windows XP |
2.3% |
|
Windows 8 |
2.3% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x00100004 |
Name |
Size of data |
MD5 |
.text |
1037312 |
69351d25c67a0d26ae98293518b48c7b |
.itext |
5120 |
6af5b74ebcd128d62db3adf99a2fdade |
.data |
12800 |
e451917917f4a9d9e9f972f25b034fdf |
.bss |
0 |
00000000000000000000000000000000 |
.idata |
14848 |
43c0f118777059b21ad6a5849b132450 |
.tls |
0 |
00000000000000000000000000000000 |
.rdata |
512 |
3f4821d98c8d2f792b0e23905609a7d6 |
.rsrc |
103424 |
c8e4fd80fbcdcdf69bf09df3b5e3c9f6 |