How to remove $RXX9YFZ.exe
- File Details
- Overview
- Analysis
$RXX9YFZ.exe
The module $RXX9YFZ.exe has been detected as Trojan.LoadMoney
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
90ab20901fa24ee6c181c52f727d77ac |
| Size: |
1 MB |
| First Published: |
2020-11-11 08:07:55 (4 years ago) |
| Latest Published: |
2024-10-13 23:01:27 (10 months ago) |
| Status: |
Trojan.LoadMoney (on last analysis) |
|
| Analysis Date: |
2024-10-13 23:01:27 (10 months ago) |
Overview
| %sysdrive%\$recycle.bin |
| %profile%\downloads |
| %profile%\downloads |
| %profile%\downloads |
| %profile%\downloads |
| %sysdrive%\$recycle.bin |
| %desktop% |
| %sysdrive% |
| %profile% |
| %desktop% |
| Russia |
53.3% |
|
| Ukraine |
26.7% |
|
| Kyrgyzstan |
6.7% |
|
| Germany |
6.7% |
|
| United Arab Emirates |
6.7% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0001181c |
| Name |
Size of data |
MD5 |
| .text |
62464 |
0da5d73ffbc41792fa65a09058a91476 |
| .itext |
4096 |
2eb275566563c3f1d0099a0da7345b74 |
| .data |
3584 |
73b859e23f5fd17e00c08db2e0e73dfe |
| .bss |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .idata |
4096 |
e9b9c0328fd9628ad4d6ab8283dcb20e |
| .tls |
0 |
d41d8cd98f00b204e9800998ecf8427e |
| .rdata |
512 |
3dffc444ccc131c9dcee18db49ee6403 |
| .rsrc |
159232 |
75b6b6d3eaf096c5bc6b2ebd270d11cc |
