How to remove 1591243426.exe
- File Details
- Overview
- Analysis
1591243426.exe
The module 1591243426.exe has been detected as Trojan.TrickBot
File Details
MD5: |
4eb3407f9450f4eaa41664c203f2b8ef |
Size: |
1 MB |
First Published: |
2020-06-04 05:15:50 (3 years ago) |
Latest Published: |
2020-09-19 17:26:36 (3 years ago) |
Status: |
Trojan.TrickBot (on last analysis) |
|
Analysis Date: |
2020-09-19 17:26:36 (3 years ago) |
%temp% |
%temp% |
%temp% |
%temp% |
%sysdrive%\windows.old\users\abrar mazid\appdata\local |
%temp% |
%temp% |
%temp% |
%temp% |
%sysdrive%\windows.old\users\asus\appdata\local |
|
10.4% |
|
|
9.0% |
|
|
7.5% |
|
|
7.5% |
|
|
7.5% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
4.5% |
|
|
3.0% |
|
|
3.0% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
|
1.5% |
|
Windows 10 |
66.2% |
|
Windows 7 |
28.4% |
|
Windows 8.1 |
4.1% |
|
Windows Vista |
1.4% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x00400000 |
Entry Address: |
0x0000326b |
Name |
Size of data |
MD5 |
.text |
25600 |
c3db412a38f3960c44c292549b21be26 |
.rdata |
5120 |
ff2238780ac4c7099d13c72f0663eda0 |
.data |
1536 |
40b80ca9c843c54385c408bd5f31c6f1 |
.ndata |
0 |
00000000000000000000000000000000 |
.rsrc |
4096 |
4fd221696ebbc82d88b5980cb0292329 |