How to remove 1591243426.exe
- File Details
- Overview
- Analysis
1591243426.exe
The module 1591243426.exe has been detected as Trojan.TrickBot
File Details
| MD5: |
4eb3407f9450f4eaa41664c203f2b8ef |
| Size: |
1 MB |
| First Published: |
2020-06-04 05:15:50 (3 years ago) |
| Latest Published: |
2020-09-19 17:26:36 (3 years ago) |
| Status: |
Trojan.TrickBot (on last analysis) |
|
| Analysis Date: |
2020-09-19 17:26:36 (3 years ago) |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %sysdrive%\windows.old\users\abrar mazid\appdata\local |
| %temp% |
| %temp% |
| %temp% |
| %temp% |
| %sysdrive%\windows.old\users\asus\appdata\local |
|
10.4% |
|
|
9.0% |
|
|
7.5% |
|
|
7.5% |
|
|
7.5% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
3.0% |
|
|
3.0% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
| Windows 10 |
66.2% |
|
| Windows 7 |
28.4% |
|
| Windows 8.1 |
4.1% |
|
| Windows Vista |
1.4% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0000326b |
| Name |
Size of data |
MD5 |
| .text |
25600 |
c3db412a38f3960c44c292549b21be26 |
| .rdata |
5120 |
ff2238780ac4c7099d13c72f0663eda0 |
| .data |
1536 |
40b80ca9c843c54385c408bd5f31c6f1 |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
4096 |
4fd221696ebbc82d88b5980cb0292329 |
