How to remove BOTNB.sys

» File
File Details
Overview
Analysis

BOTNB.sys

The module BOTNB.sys has been detected as Trojan.Gen

BOTNB.sys

Remove BOTNB.sys

File Details

Main Info:

MD5:	b00b3b8eb147c522ba30cd617ac20f3e
Size:	8 KB
First Published:	2019-07-05 08:00:39 (6 years ago)
Latest Published:	2021-12-23 21:37:45 (4 years ago)

Analysis:

Status:	Trojan.Gen (on last analysis)
Analysis Date:	2021-12-23 21:37:45 (4 years ago)

Overview

Digital Signature

Signed By:	Shenzhen yundian Technology Co., Ltd
Status:	Valid

Common Places:

%windir%

%sysdrive%

%windir%

%sysdrive%

%sysdrive%

%windir%

%windir%

%windir%

%windir%

%windir%

Geography:

	24.2%
	9.1%
	9.1%
	9.1%
	6.1%
	6.1%
	6.1%
	6.1%
	3.0%
	3.0%
	3.0%
	3.0%
	3.0%
	3.0%
	3.0%
	3.0%

OS Version:

Windows 10	89.7%
Windows 7	10.3%

Analysis

PE Info:

Subsystem:	Native
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00005000

PE Sections:

Name	Size of data	MD5
.text	512	1f4af2bdbc8cb1dbf116b461aabbe617
.rdata	1024	0b5ca92e2955963149619f10b45e42df
.data	512	ee8e428290ec42160c5e2a30f80215a5
.pdata	512	bd40814d15cec5ed663273d1b7ec7811
INIT	512	7ddaf7de64e4ba00bda7739b80595dfe
.reloc	512	fa389ca9d35a375b9ce225b563e13ec1

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for BOTNB.sys

copyright for information about BOTNB.sys