How to remove $ROKQ1YZ.exe
- File Details
- Overview
- Analysis
$ROKQ1YZ.exe
The module $ROKQ1YZ.exe has been detected as PUP.SlimWare
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
b646044ba5f0dd4ebb1e8d9a2bda7f46 |
| Size: |
958 KB |
| First Published: |
2017-08-06 13:05:57 (8 years ago) |
| Latest Published: |
2021-01-15 07:25:15 (4 years ago) |
| Status: |
PUP.SlimWare (on last analysis) |
|
| Analysis Date: |
2021-01-15 07:25:15 (4 years ago) |
Overview
| %profile%\downloads |
| %desktop%\nueva carpeta |
| %profile% |
| %sysdrive% |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5 |
| %sysdrive%\downloads |
| %sysdrive%\applications |
| %desktop% |
| %sysdrive%\$recycle.bin |
| %sysdrive%\new desktop and downloads |
| slimdrivers-2-3-1-0.exe |
| $ROKQ1YZ.exe |
| slimdrivers-2-3-1-0(1).exe |
| slimdrivers-2-3-1-0 (1).exe |
| slimdrivers-2-3-1-0 (2).exe |
| slimdrivers-2-3-1-0[1].exe |
| slimdrivers25-10-18.exe |
|
52.8% |
|
|
9.9% |
|
|
5.6% |
|
|
4.9% |
|
|
3.5% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
2.1% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
|
0.7% |
|
| Windows 7 |
51.0% |
|
| Windows 10 |
43.6% |
|
| Windows 8.1 |
3.4% |
|
| Windows XP |
1.3% |
|
| Windows Server 2008 R2 |
0.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0002f69c |
| Name |
Size of data |
MD5 |
| .text |
307200 |
6617c31f95ebe2c3c64990a0d2cd8809 |
| .rdata |
86016 |
c4ad540251acd70e5d961e93ce0ea3b8 |
| .data |
16384 |
e94d758f31f34247d03cdcc2f053702a |
| .rsrc |
512000 |
3e172c8864f7f0823a1f41cebf0e6c62 |
| .reloc |
49152 |
f1ba8b49fcbdb453d34cc5f30867a5a7 |
