How to remove A0017791.exe
- File Details
- Overview
- Analysis
A0017791.exe
The module A0017791.exe has been detected as General Threat
File Details
| MD5: |
d848ef0636ea49d340f074f939db817b |
| Size: |
1 MB |
| First Published: |
2017-05-21 05:04:23 (6 years ago) |
| Latest Published: |
2018-10-17 14:07:26 (5 years ago) |
| Status: |
General Threat (on last analysis) |
|
| Analysis Date: |
2018-10-17 14:07:26 (5 years ago) |
Overview
| %programfiles%\freetime\formatfactory\ffmodules\package\baidu |
| %programfiles%\formatfactory\ffmodules\package\baidu |
| %sysdrive%\system volume information\_restore{0a66d4aa-bcdf-416f-b650-275a5cadaef5}\rp13 |
| %desktop%\formatfactory\ffmodules\package\baidu |
| %profile%\downloads\格式工廠\app\formatfactory\ffmodules\package\baidu |
| %desktop%\formatfactoryportable_3.3.4_azo\格式工廠\app\formatfactory\ffmodules\package\baidu |
| %desktop%\群亞電腦\office\office_研習軟體\格式工廠\app\formatfactory\ffmodules\package\baidu |
| %desktop%\群亞電腦\office\powerpoint_練習1\office_研習軟體\格式工廠\app\formatfactory\ffmodules\package\baidu |
| %desktop%\工具\formatfactory\ffsetup3.2.1.0\ffmodules\package\baidu |
| %desktop%\bt\formatfactoryportable_3.6.0\app\formatfactory\ffmodules\package\baidu |
| Baidu-TB-ASBar.exe |
| A0017791.exe |
| A0049355.exe |
| A0337893.exe |
|
26.3% |
|
|
7.5% |
|
|
7.3% |
|
|
6.7% |
|
|
6.5% |
|
|
5.7% |
|
|
3.6% |
|
|
3.3% |
|
|
3.0% |
|
|
2.5% |
|
|
2.0% |
|
|
1.8% |
|
|
1.3% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
0.9% |
|
|
0.9% |
|
|
0.7% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.5% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.4% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.2% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
|
0.1% |
|
| Windows 7 |
54.9% |
|
| Windows 10 |
27.9% |
|
| Windows 8.1 |
10.7% |
|
| Windows XP |
4.7% |
|
| Windows 8 |
1.8% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x00003339 |
| Name |
Size of data |
MD5 |
| .text |
23040 |
c890f59904fe24cce927763d7e92f437 |
| .rdata |
4608 |
3195a1e585405fe2a9062fc88f4a0d6b |
| .data |
1024 |
765e4ba2983ec579b53cf544d1eb8f9d |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
9728 |
9ea8edbc1901471d24d3ed69221ad949 |
