How to remove AdAntiHS.VIR001
- File Details
- Overview
- Analysis
AdAntiHS.VIR001
The module AdAntiHS.VIR001 has been detected as Trojan.Agent
File Details
Product Name: |
|
MD5: |
c85eb8125d27aeb62c061af85b192598 |
Size: |
37 KB |
First Published: |
2017-06-12 07:09:49 (7 years ago) |
Latest Published: |
2020-07-12 09:20:14 (4 years ago) |
Status: |
Trojan.Agent (on last analysis) |
|
Analysis Date: |
2020-07-12 09:20:14 (4 years ago) |
Overview
%appdata%\adanti |
%appdata% |
%sysdrive%\$recycle.bin |
%sysdrive%\windows.old\users\user\appdata\roaming |
%programfiles%\ahnlab\v3lite30 |
%commonappdata% |
%sysdrive%\$recycle.bin\s-1-5-21-1975746220-2322947604-2127825931-1478 |
%appdata% |
%appdata% |
%appdata% |
AdAntiHS.dll |
AdAntiHS.VIR001 |
AdAntiHS.VIR000 |
AdAntiHS.VIR002 |
trzD153.tmp |
trz1F23.tmp |
$RFA4QI7.dll |
$R0XJRG2.dll |
AdAntiHS.VIR |
adantihs_1.dll |
|
70.1% |
|
|
18.2% |
|
|
5.3% |
|
|
1.3% |
|
|
1.3% |
|
|
0.9% |
|
|
0.6% |
|
|
0.6% |
|
|
0.6% |
|
|
0.3% |
|
|
0.3% |
|
|
0.3% |
|
Windows 7 |
75.2% |
|
Windows 10 |
24.8% |
|
Analysis
Subsystem: |
Windows GUI |
PE Type: |
pe |
OS Bitness: |
32 |
Image Base: |
0x10000000 |
Entry Address: |
0x000027db |
Name |
Size of data |
MD5 |
.text |
8192 |
4df2964836fea40a2c8d5c642a38f68d |
.rdata |
4096 |
ff8e7a91aff8549540c281cdadab31e6 |
.data |
4096 |
2329edc514f84e759f5d262aacba22f1 |
.rsrc |
4096 |
630617d488a9fb827ab41953de8e9a3f |
.reloc |
4096 |
e03563894022c28c80d19d13eecf3750 |