How to remove C896.tmp.exe

» File
File Details
Overview
Analysis

C896.tmp.exe

The module C896.tmp.exe has been detected as Suspicious Object

C896.tmp.exe

Remove C896.tmp.exe

File Details

Main Info:

Product Name:	Notepad++
Company Name:	Don HO don.h@free.fr
MD5:	d0b73ca531af82d463885fdd885fe8ec
Size:	580 KB
First Published:	2021-02-05 16:13:52 (4 years ago)
Latest Published:	2021-02-05 16:13:52 (4 years ago)

Analysis:

Status:	Suspicious Object (on last analysis)
Analysis Date:	2021-02-05 16:13:52 (4 years ago)

Overview

Digital Signature

Signed By:	Notepad++
Status:	Invalid (digital signature could be stolen or file could be patched)

Common Places:

%appdata%

Geography:

100.0%

OS Version:

Windows 10

100.0%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0005a82e

.NET Info:

MVID:	5bd9aee9-c2b6-453b-8c1a-ac4e8110617b
Typelib ID:	12041f4a-64db-44d6-901a-ef451b48dd60

PE Sections:

Name	Size of data	MD5
.text	363008	dfb804d1aa48e50a200f5868d140a3e3
.rsrc	223232	e58fc94ac925cf5e713e00c89edd1141
.reloc	512	86b7b8efc869c079de87613d15eb9413

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for C896.tmp.exe

copyright for information about C896.tmp.exe