How to remove 71F6.tmp.exe
- File Details
- Overview
- Analysis
71F6.tmp.exe
The module 71F6.tmp.exe has been detected as Trojan.LoadMoney
File Details
| MD5: |
0d6b2d0447ea373a2cfa959de1b7d0a2 |
| Size: |
777 KB |
| First Published: |
2017-11-21 15:04:11 (6 years ago) |
| Latest Published: |
2018-10-22 18:18:24 (5 years ago) |
| Status: |
Trojan.LoadMoney (on last analysis) |
|
| Analysis Date: |
2018-10-22 18:18:24 (5 years ago) |
Overview
| %localappdata%\scriptwriter |
| %localappdata%\temp |
| %temp% |
| ScriptWriter.exe |
| 71F6.tmp.exe |
| TMSnMFfoUNsT.exe |
| XgIRTGb9C6Fv.exe |
| thTHz64x82fN.exe |
| 2g1l4FNFySbf.exe |
| cGQEh22NAjpf.exe |
| DEF1.tmp.exe |
| e8IfcAT0lgLJ.exe |
| 8F10.tmp.exe |
| Windows 8 |
66.7% |
|
| Windows 10 |
27.8% |
|
| Windows 7 |
5.6% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000015f2 |
| Name |
Size of data |
MD5 |
| .text |
28672 |
ad2b949bfff345088ae73c4f066d614b |
| .rdata |
32768 |
adef5d427343cf3135e6b114eefc9c22 |
| .data |
684032 |
9963b9a663cb58f02c860978f0c63117 |
| .rsrc |
40960 |
d83a68d30009b58c3916fbfdcc4cec41 |
