How to remove A0055642.exe
- File Details
- Overview
- Analysis
A0055642.exe
The module A0055642.exe has been detected as PUP.OpenCandy
File Details
| MD5: |
c49cb4edab128f3e0e245ff27df3e83b |
| Size: |
892 KB |
| First Published: |
2017-06-11 00:01:24 (8 years ago) |
| Latest Published: |
2021-06-23 20:29:11 (4 years ago) |
| Status: |
PUP.OpenCandy (on last analysis) |
|
| Analysis Date: |
2021-06-23 20:29:11 (4 years ago) |
Overview
| %appdata%\opencandy\7d0db9a2eea143f18c04d1c13c3e62fa |
| %profile%\xp\application data\opencandy\bdce3bbea7b04e9082e692d143065352 |
| %appdata%\opencandy\941b7ef2add4421694198f6d61ec236c |
| %appdata%\opencandy\eb687b3e91184f34924319e77dde9322 |
| %appdata%\opencandy\5d20e047802540e19bb82b3a9dff2bc3 |
| %appdata%\opencandy\281d3fc340bc4cd083568c3f109ab04b |
| %appdata%\opencandy\9fc2c69bab9749799ff820ccb3948557 |
| %appdata%\opencandy\4bb8cfb7199c4d4d93fb583e150413e4 |
| %appdata%\opencandy\d8a27196ee7b4ebd980c3e07f7bc7b40 |
| %appdata%\opencandy |
| PasswordBoxCHSTORE_p1v0.exe |
| A0055642.exe |
| PasswordBoxCHSTORE_p1v0.exe.vir |
|
20.3% |
|
|
8.7% |
|
|
8.7% |
|
|
8.7% |
|
|
7.2% |
|
|
5.8% |
|
|
5.8% |
|
|
5.8% |
|
|
5.8% |
|
|
4.3% |
|
|
2.9% |
|
|
2.9% |
|
|
2.9% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
|
1.4% |
|
| Windows 7 |
65.2% |
|
| Windows 10 |
33.3% |
|
| Windows XP |
1.4% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000038af |
| Name |
Size of data |
MD5 |
| .text |
29696 |
419d4e1be1ac35a5db9c47f553b27cea |
| .rdata |
11264 |
cca1ca3fbf99570f6de9b43ce767f368 |
| .data |
512 |
77f0839f8ebea31040e462523e1c770e |
| .ndata |
0 |
00000000000000000000000000000000 |
| .rsrc |
26112 |
8cf2dfb8c2d9658109d9858bd1c0450b |
| .reloc |
4096 |
5303218ba0b24a5fa5b62e2acce05d47 |
