How to remove 4F7A.tmp.exe

» File
File Details
Overview
Analysis

4F7A.tmp.exe

The module 4F7A.tmp.exe has been detected as Trojan.Packed

4F7A.tmp.exe

Remove 4F7A.tmp.exe

File Details

Main Info:

Product Name:	SaveTheCoffeeBeans
MD5:	08750fd649e8084ac1e1db89d96212ee
Size:	2 MB
First Published:	2020-06-09 10:51:08 (3 years ago)
Latest Published:	2021-01-12 03:21:47 (3 years ago)

Analysis:

Status:	Trojan.Packed (on last analysis)
Analysis Date:	2021-01-12 03:21:47 (3 years ago)

Overview

Digital Signature

Signed By:	elewen company
Status:	Valid

Common Places:

%appdata%

%appdata%

%appdata%

%appdata%

%localappdata%\microsoft\windows\temporary internet files\content.ie5

%appdata%

%appdata%

Geography:

	42.9%
	28.6%
	14.3%
	14.3%

OS Version:

Windows 7	57.1%
Windows 10	42.9%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x004b0630

PE Sections:

Name	Size of data	MD5
.text	104448	85ef9f13c1907bd8ea74a16e79d064d6
.rdata	28160	952607a7bfe55ac264f24ed090d3f945
.data	5632	2fe51a72ede820cd7cf55a77ba59b1f4
	650752	38ed2aeff5dd7ed32a1fbc938e7ad1e0
.imports	512	0cc3f3989326ea9f69f3dd8534a772e9
.vmp0	1536	c70f0585f1dbb85be01751d8c3dc4d3b
.themida	0	00000000000000000000000000000000
.loadcon	512	101c5a3d4e35a35af35591b03639ae9c
.boot	2250152	16bf13b5a263dde42649b06106da616d
.vmp1	1536	3eee84dc26e504886c82ee3329bd9d0c
.rsrc	1536	8c3388064b9f708576d8282cd1e02294

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for 4F7A.tmp.exe

copyright for information about 4F7A.tmp.exe