How to remove 1F9A.exe
1F9A.exe
The module 1F9A.exe has been detected as Trojan.Downloader
File Details
| Product Name: | Realtek HD Auido Update and remove driver Tool |
| Company Name: | Realtek Semiconductor Corp. |
| MD5: | ec10291029375563c6f4f5151700e789 |
| Size: | 3 MB |
| First Published: | 2021-08-19 20:45:42 (4 years ago) |
| Latest Published: | 2021-08-26 20:47:58 (3 years ago) |
| Status: | Trojan.Downloader (on last analysis) | |
| Analysis Date: | 2021-08-26 20:47:58 (3 years ago) |
Overview
| Signed By: | Corel Corporation |
| Status: | Invalid (digital signature could be stolen or file could be patched) |
Common Places:
| %temp% |
| %temp% |
| %temp% |
| %temp% |
Geography:
| India | 66.7% | |
| Nigeria | 33.3% |
OS Version:
| Windows 10 | 75.0% | |
| Windows 8 | 25.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 32 |
| Image Base: | 0x00400000 |
| Entry Address: | 0x0054b390 |
PE Sections:
| Name | Size of data | MD5 |
| 93184 | b644d6a611232ddffcb1838ac813be74 | |
| 2048 | bec5392c3b92bed332eb215bc2cbea99 | |
| 🇮🇹 | 190976 | 7643a3c268786f056516a40075a56e63 |
| 512 | e7fb38b404f3db7f490f8fe1ff2885e7 | |
| .idata | 512 | c81c57f3ee4245218cd3f31874cc6973 |
| .themida | 0 | d41d8cd98f00b204e9800998ecf8427e |
| .boot | 3320320 | b0b58b5a7c9408ee37cee1d7355e4924 |
| 🇮🇹 | 2560 | aa12b9f5f5c0d6f6ee1ab33e28f204a1 |
| .rsrc | 199680 | 5e877ea0f2dc315079f7f47c50eb72d5 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for 1F9A.exe
