How to remove A0158351.exe
- File Details
- Overview
- Analysis
A0158351.exe
The module A0158351.exe has been detected as PUP.OpenCandy
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
687961d5e8860cb75490c39a871c4e8d |
| Size: |
299 KB |
| First Published: |
2017-06-25 00:07:30 (8 years ago) |
| Latest Published: |
2022-11-13 23:49:32 (2 years ago) |
| Status: |
PUP.OpenCandy (on last analysis) |
|
| Analysis Date: |
2022-11-13 23:49:32 (2 years ago) |
Overview
| %appdata%\opencandy\167fd198f4e44063be5655062e224f7f |
| %appdata%\opencandy\d655e20c999049b385a1145da958301b |
| %profile%\ористувач\application data\opencandy\opencandy_b7a031d1cd52447da83be1ed70612c11 |
| %appdata%\opencandy\6ad5eca4a9124d188f80f1294e5469fb |
| %appdata%\opencandy\1bb6a9166e1e4ff6b91716e4e24c1cfc |
| %appdata%\opencandy |
| %sysdrive%\system volume information\_restore{7e134253-75db-4a6c-aa09-a471e4160cd7} |
| %profile%\алина\application data\opencandy |
| %sysdrive%\new folder\maged-pc\backup set 2014-10-26 111207\backup files 2014-10-26 111207\backup files 1.zip\c\users\maged\appdata\roaming\opencandy |
| %sysdrive%\adwcleaner\quarantine\c\users\famille de sevin\appdata\roaming\opencandy |
|
28.6% |
|
|
19.0% |
|
|
9.5% |
|
|
9.5% |
|
|
9.5% |
|
|
4.8% |
|
|
4.8% |
|
|
4.8% |
|
|
4.8% |
|
|
4.8% |
|
| Windows 7 |
47.6% |
|
| Windows Embedded Standard |
28.6% |
|
| Windows 10 |
14.3% |
|
| Windows XP |
9.5% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000bac60 |
| Name |
Size of data |
MD5 |
| UPX0 |
0 |
00000000000000000000000000000000 |
| UPX1 |
252416 |
7897ed722332a508058ab32c6bf7d33e |
| .rsrc |
46592 |
bcefabadf657147c1aa4b0bcbc7c8950 |
