How to remove $RFQDB2R.exe

» File
File Details
Overview
Analysis

$RFQDB2R.exe

The module $RFQDB2R.exe has been detected as Trojan.LoadMoney

$RFQDB2R.exe

Remove $RFQDB2R.exe

File Details

Main Info:

Product Name:	Download Studio
Company Name:	Grand Media LLC
MD5:	a6da85e3526476f558163aa4ace9af2a
Size:	1 MB
First Published:	2020-06-03 15:03:09 (3 years ago)
Latest Published:	2020-11-10 07:32:24 (3 years ago)

Analysis:

Status:	Trojan.LoadMoney (on last analysis)
Analysis Date:	2020-11-10 07:32:24 (3 years ago)

Overview

Digital Signature

Signed By:	GRAND MEDIA, TOV
Status:	Valid

Common Places:

%sysdrive%\$recycle.bin

%sysdrive%\$recycle.bin

%profile%

%profile%

%profile%

%profile%

Geography:

	66.7%
	33.3%

OS Version:

Windows 10	83.3%
Windows 7	16.7%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0001181c

PE Sections:

Name	Size of data	MD5
.text	62464	0da5d73ffbc41792fa65a09058a91476
.itext	4096	2eb275566563c3f1d0099a0da7345b74
.data	3584	73b859e23f5fd17e00c08db2e0e73dfe
.bss	0	00000000000000000000000000000000
.idata	4096	e9b9c0328fd9628ad4d6ab8283dcb20e
.tls	0	00000000000000000000000000000000
.rdata	512	3dffc444ccc131c9dcee18db49ee6403
.rsrc	159232	a75b5a166d5b18d8d78e71c4991f64ef

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for $RFQDB2R.exe

copyright for information about $RFQDB2R.exe