How to remove A0000118.exe
- File Details
- Overview
- Analysis
A0000118.exe
The module A0000118.exe has been detected as Worm.Ramnit
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
74801dbbaf9c066a50fc2c301d1ad0fe |
| Size: |
3 MB |
| First Published: |
2018-04-15 08:11:21 (6 years ago) |
| Latest Published: |
2018-04-15 08:11:23 (6 years ago) |
| Status: |
Worm.Ramnit (on last analysis) |
|
| Analysis Date: |
2018-04-15 08:11:23 (6 years ago) |
| %profile%\p\my documents\downloads |
| %sysdrive%\system volume information\_restore{31058c9c-927f-45ce-9d9c-3c152ab8e6e1} |
| CamPlay.exe |
| A0000118.exe |
| A0002252.exe |
| A0004735.exe |
| A0003698.exe |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00331000 |
| Name |
Size of data |
MD5 |
| .text |
167936 |
c496e559c5884102bca330a6ce0e752f |
| .rdata |
40960 |
9504bfc0e7dfa109303deb59d383697f |
| .data |
16384 |
c8421bf8748d8bb3de3453eb9a8faa93 |
| .rsrc |
81920 |
a0de032cc74d06795f023cfc63c083fa |
| .text |
188416 |
215930515e3f4a762af2ec87f81ebb4f |
| .text |
188416 |
370ab9fa3d155ab1448728b41e1c890b |
| .text |
188416 |
52e78e971d32209a75a262d090b3db6e |
| .text |
188416 |
e938b1e2640ccf8a9d037ffa49725845 |
| .text |
188416 |
ccfc9b6333da3d162e2a392f8c6d81d2 |
| .text |
188416 |
59f02f6ba88fc576ba8a118a62d38874 |
| .text |
188416 |
8a62372aad6195e5a63274ba4a9fe31a |
| .text |
188416 |
bce2baa8035120bfe4d598a8dfeb3044 |
| .text |
188416 |
aaff3db843c119d21b47d84c4ffe6926 |
| .text |
188416 |
e532a892f04c6e463370e71cdf2815cd |
| .text |
188416 |
612fb61da60e53a16fe8d3883199f771 |
| .text |
188416 |
6835ccbfe0a46f624898ee00a427f4fb |
| .text |
188416 |
e2d52487022c15d500b0e1a213666a85 |
| .text |
188416 |
26fb6d76c28fa1c1e1aecf24da63bf0f |
| .text |
188416 |
3aec5fa6f264f32a0f998845b80979a2 |
| .text |
188416 |
a2e2766760be12ed7a042c42bf628524 |
| .text |
167936 |
f95b36f4356a02457d850ddb84199b1c |
