How to remove $RI3QZPL.exe
- File Details
- Overview
- Analysis
$RI3QZPL.exe
The module $RI3QZPL.exe has been detected as PUP.Downloader
File Details
| MD5: |
0d93498a591cd0e9ba4143da6229f360 |
| Size: |
171 KB |
| First Published: |
2017-05-22 07:06:14 (7 years ago) |
| Latest Published: |
2020-11-20 15:21:05 (4 years ago) |
| Status: |
PUP.Downloader (on last analysis) |
|
| Analysis Date: |
2020-11-20 15:21:05 (4 years ago) |
Overview
| %localappdata%\temp |
| %localappdata%\mediaget2 |
| %temp%\mediaget-update-tmp |
| %profile%\ser\local settings\application data\mediaget2 |
| %profile%\адим\local settings\application data\mediaget2 |
| %sysdrive%\docume~1\casper\locals~1\temp |
| %sysdrive%\temp |
| %localappdata% |
| %temp% |
| %profile%\оля\local settings\application data |
| mediaget-uninstaller.exe |
| $RI3QZPL.exe |
| mediaget-uninstaller.exe.vir |
|
32.9% |
|
|
27.9% |
|
|
17.1% |
|
|
6.4% |
|
|
5.7% |
|
|
2.9% |
|
|
2.1% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
| Windows 7 |
63.8% |
|
| Windows 10 |
16.3% |
|
| Windows 8.1 |
12.1% |
|
| Windows XP |
6.4% |
|
| Windows 8 |
1.4% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0006c7a0 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
00000000000000000000000000000000 |
| UPX1 |
150016 |
610c903cd410fa5a65b78413c4000826 |
| .rsrc |
19968 |
431f18ac0a650a2550cc2a83da6e1e1b |
