How to remove A0195040.exe
- File Details
- Overview
- Analysis
A0195040.exe
The module A0195040.exe has been detected as General Threat
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
7d002b57f30b1b84dd4b08adc61c1bea |
| Size: |
4 MB |
| First Published: |
2017-10-23 17:11:56 (6 years ago) |
| Latest Published: |
2018-06-21 17:02:24 (5 years ago) |
| Status: |
General Threat (on last analysis) |
|
| Analysis Date: |
2018-06-21 17:02:24 (5 years ago) |
Overview
| Signed By: |
KORAM GAMES LIMITED |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %sysdrive%\system volume information\_restore{c628a81d-d97e-43db-afcc-78caf6a6c884} |
| %sysdrive%\system volume information\_restore{6c14b039-abf8-426d-91a9-43b43569595d} |
| %sysdrive% |
| OrbitDownloaderSetup.exe |
| A0195040.exe |
| A0004523.exe |
|
33.3% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
|
16.7% |
|
| Windows 10 |
50.0% |
|
| Windows 7 |
50.0% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x000163c4 |
| Name |
Size of data |
MD5 |
| .text |
82944 |
cda3f5db2a563079f68ff49207a072e8 |
| .itext |
3072 |
751be2588cbfe7e40eb201c2cff8a4c7 |
| .data |
3584 |
482a89e6da09f3e0c80eb58ee3a48c9a |
| .bss |
0 |
00000000000000000000000000000000 |
| .idata |
4096 |
0c8776d0bdc06df93ba1292a2e0aaaeb |
| .tls |
0 |
00000000000000000000000000000000 |
| .rdata |
512 |
3746f5876803f8f30db5bb2deb8772ae |
| .reloc |
0 |
00000000000000000000000000000000 |
| .rsrc |
45568 |
91d3560010ba1ababe0b989773c6f1de |
