How to remove 16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe

16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe

The module 16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe has been detected as General Threat

16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe
Remove 16wWMnzg2TFTs5hQKZ4n

File Details

Product Name:

PHP
Company Name:

The PHP Group
MD5: 7a962afc3d437a5046c3ade4ed6e2696
Size: 66 KB
First Published: 2017-07-10 06:04:43 (7 years ago)
Latest Published: 2020-11-20 20:18:54 (3 years ago)
Status: General Threat (on last analysis)
Analysis Date: 2020-11-20 20:18:54 (3 years ago)

Common Places:

%programfiles%\plesk\additional\pleskphp56
%localappdata%\temp
%programfiles%\php\v5.6
%programfiles%\iis express\php\v5.6
%localappdata%\microsoft\web platform installer\installers\php56\b5b8ad6b0996f97e3521e20b0a74fdb255a2dca9
%programfiles%\iis express\php
%programfiles%\php
%localappdata%\microsoft\web platform installer\installers\php56foriisexpress\b5b8ad6b0996f97e3521e20b0a74fdb255a2dca9
%sysdrive%
%sysdrive%\hwsnginxmaster\php

File Names:

php.exe
16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe

Geography:

25.8%
12.9%
9.7%
6.5%
6.5%
6.5%
6.5%
6.5%
3.2%
3.2%
3.2%
3.2%
3.2%
3.2%

OS Version:

Windows 10 50.0%
Windows 7 23.3%
Windows Server 2008 R2 13.3%
Windows Server 2016 6.7%
Windows Server 2012 R2 3.3%
Windows 8.1 3.3%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0000a326

PE Sections:

Name Size of data MD5
.text 39424 49537e7876b2cee58d76c7c7250b03c9
.rdata 16384 7479dc3c523aa2ef91319be91893c5c4
.data 1536 d974c19ed58a6acc29794c4385139d31
.rsrc 4096 0cb3e0f808c649adc76dbcdb3355cf64
.reloc 5632 348854be0a969d9e768c649813bbf9a6

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for 16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe
copyright for information about 16wWMnzg2TFTs5hQKZ4nvDZbMKzNNMtoP2.exe