How to remove $RT1A1PA.exe
The module $RT1A1PA.exe has been detected as Trojan.Agent
File Details
| MD5: | e88bcf83b706b8befdfb53e2c78ff85e |
| Size: | 477 KB |
| First Published: | 2018-10-16 21:03:31 (7 years ago) |
| Latest Published: | 2022-03-18 23:53:42 (3 years ago) |
| Status: | Trojan.Agent (on last analysis) |
| Analysis Date: | 2022-03-18 23:53:42 (3 years ago) |
| %desktop% |
| %programfiles% |
| %profile%\asia nosek\pulpit\zrzuta |
| %profile%\downloads |
| %sysdrive%\downloads\gridinsoft.anti-malware.4.0.14.234\gridinsoft.anti-malware.4.0.14.234 |
| %sysdrive%\다운로드 |
| %sysdrive% |
| %sysdrive%\downloads |
| %sysdrive%\$recycle.bin |
| %desktop%\gridinsoft.anti-malware.4.0.14.234\gridinsoft.anti-malware.4.0.14.234 |
| Windows 10 | 58.9% |
| Windows 7 | 31.7% |
| Windows 8.1 | 6.4% |
| Windows XP | 1.5% |
| Windows 8 | 1.0% |
| Windows Embedded Standard | 0.1% |
| Windows Embedded 8.1 | 0.1% |
| Windows Vista | 0.1% |
| Windows Server 2016 | 0.1% |
| Windows Server 2008 R2 | 0.1% |
Analysis
| Subsystem: | Windows GUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0000102b |

| Name | Size of data | MD5 |
| .text | 512 | 4c584307e5aa70f515ee8c3d942e5f6c |
| .rdata | 512 | e5aa65265e17d8a1b524adbc10c0a1ad |
| .data | 512 | f8fedf1be1122ff5cd0e5b4716311cc5 |
| .rsrc | 485888 | 212b8f1ece0ea9d752b95b64df6f56e9 |
| .reloc | 512 | 2e6554ffc943448b686d85ad68f9ec9a |