How to remove $RXIJ7D3.exe
- File Details
- Overview
- Analysis
$RXIJ7D3.exe
The module $RXIJ7D3.exe has been detected as Spy.Keylogger
File Details
| MD5: |
22a266b91c7f6fcb17aa561c7f387de2 |
| Size: |
1 MB |
| First Published: |
2021-07-24 20:32:26 (3 years ago) |
| Latest Published: |
2021-09-10 20:31:51 (3 years ago) |
| Status: |
Spy.Keylogger (on last analysis) |
|
| Analysis Date: |
2021-09-10 20:31:51 (3 years ago) |
| %sysdrive%\$recycle.bin |
| %sysdrive%\$recycle.bin\s-1-5-21-2768277337-1098346045-3822836727-1001 |
| %sysdrive%\$recycle.bin |
| %temp% |
| %temp% |
| %sysdrive%\$recycle.bin\s-1-5-21-3800555404-4169572982-2628170407-1000 |
| %sysdrive%\$recycle.bin |
| %temp% |
| Windows 10 |
87.5% |
|
| Windows 7 |
12.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000d734c |
| Name |
Size of data |
MD5 |
| .text |
1060352 |
20fcf9736f684d624f70cd6163eb7625 |
| .dgerert |
4096 |
7d50cafc8885fac9b26abd8bb735a505 |
| .dgerert |
9216 |
c6c95d1f10e23ca808ec2368e849b1b9 |
| .dgerert |
1024 |
17ff0eb8d48002b01a46877ea7b5d04b |
| .dgerert |
1024 |
7359b1b3cf598ae5f7d4d57cbdeed1ec |
| .dgerert |
4608 |
e0b75572d94b71bce78967f064d75ab9 |
| .dgerert |
3584 |
83563a682d0b83aa5b0e288ad979d250 |
| .dgerert |
3072 |
75c5c4174cba183914304dd3337aa0c6 |
| .rdata |
190464 |
cfcb6b1c83042356d79a664d05486efd |
| .data |
11264 |
1f0dae87aed8a0ed81b6d0c169dfb8b6 |
| .dgerert |
512 |
bf619eac0cdf3f68d496ea9344137e8b |
| .rsrc |
159744 |
101b90df79cf88efbe5f995f9d50e795 |
| .reloc |
34304 |
a657b8b9a64fce0bc414246f072dfff6 |
