How to remove 6147.tmp.exe
- File Details
- Overview
- Analysis
6147.tmp.exe
The module 6147.tmp.exe has been detected as Trojan.LoadMoney
File Details
| MD5: |
22410022395431aca1e8ca3220fef8ba |
| Size: |
873 KB |
| First Published: |
2017-06-25 13:03:33 (7 years ago) |
| Latest Published: |
2017-06-26 12:06:41 (7 years ago) |
| Status: |
Trojan.LoadMoney (on last analysis) |
|
| Analysis Date: |
2017-06-26 12:06:41 (7 years ago) |
Overview
| %localappdata%\nvfontcache |
| %localappdata%\temp |
| %localappdata%\filesystemdriver |
| nvfontcache.exe |
| 6147.tmp.exe |
| FileSystemDriver.exe |
| E8FD.tmp.exe |
| Windows 10 |
75.0% |
|
| Windows 7 |
25.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000018a3 |
| Name |
Size of data |
MD5 |
| .text |
86016 |
90c7dec0bd0f398f4a87269f06f979de |
| .rdata |
4096 |
70966878ee90bef7d1ae5047ae0c5f64 |
| .data |
745472 |
b975dd6e897b4c39e4f7871d0e9b068a |
| .rsrc |
49152 |
bf256ac93b753acbf43c03bf0559cde8 |
