How to remove A0000114.exe
- File Details
- Overview
- Analysis
A0000114.exe
The module A0000114.exe has been detected as Worm.Ramnit
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
f5e48ef6fbf4d0ba50538cc2c988500c |
| Size: |
3 MB |
| First Published: |
2018-04-15 08:11:22 (6 years ago) |
| Latest Published: |
2018-04-15 08:11:25 (6 years ago) |
| Status: |
Worm.Ramnit (on last analysis) |
|
| Analysis Date: |
2018-04-15 08:11:25 (6 years ago) |
| %sysdrive%\system volume information\_restore{31058c9c-927f-45ce-9d9c-3c152ab8e6e1} |
| %profile%\p\my documents\downloads |
| A0002249.exe |
| A0000114.exe |
| CamPlay.exe |
| A0004696.exe |
| A0003696.exe |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00303000 |
| Name |
Size of data |
MD5 |
| .text |
167936 |
7b3f9ed954a0156356b8f95d0bc1d9fd |
| .rdata |
40960 |
9504bfc0e7dfa109303deb59d383697f |
| .data |
16384 |
c8421bf8748d8bb3de3453eb9a8faa93 |
| .rsrc |
81920 |
b199bf86ed74da7aeeb350bfee8e43c1 |
| .text |
188416 |
fffd938bf1b6d4dca0de2be2dd8662a3 |
| .text |
188416 |
70e7f723d40877934c392de3cf59dd4f |
| .text |
188416 |
77a38c162044b2b82f24c0b999678226 |
| .text |
188416 |
8e4febbd69e36248f157d895e2fb44ce |
| .text |
188416 |
26a5402a70756424937d839e556eab4d |
| .text |
188416 |
00863f654bd42e3e1cb735869363c982 |
| .text |
188416 |
a0603e6c9a20e176450869a35e7ea1d4 |
| .text |
188416 |
5f73cb3839b91ae8bd60d5ddf398c729 |
| .text |
188416 |
9215ec20cf040aaaf89499053d107c63 |
| .text |
188416 |
d17a4a7651980dd50b4b57907f802b2d |
| .text |
188416 |
dc34a41d0509e029bb467ebad1db3ea9 |
| .text |
188416 |
63d1e19454a4fdaa1b96d85420550007 |
| .text |
188416 |
f7530cd7b86ca59ab4b0bccd7afcf879 |
| .text |
188416 |
e3873a0a61763f5dccd8f44ed5433a40 |
| .text |
188416 |
bd9d1f20302beb83a84a0aca4e194d5b |
| .text |
167936 |
5b25fbc262765c620a36c84a9886a758 |
