How to remove CrashService.exe
- File Details
- Overview
- Analysis
CrashService.exe
The module CrashService.exe has been detected as Worm.Ramnit
File Details
| Product Name: |
|
| MD5: |
b21880b0ff86bd0575b00a641661f0a2 |
| Size: |
1 MB |
| First Published: |
2018-04-15 08:11:42 (6 years ago) |
| Latest Published: |
2018-04-15 08:11:42 (6 years ago) |
| Status: |
Worm.Ramnit (on last analysis) |
|
| Analysis Date: |
2018-04-15 08:11:42 (6 years ago) |
| %sysdrive%\งานกู้ 240658\root\program files\wondershare |
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x00400000 |
| Entry Address: |
0x0015e000 |
| Name |
Size of data |
MD5 |
| .text |
68608 |
45b8159847c9e5851b32045129f2b854 |
| .rdata |
15360 |
26210ac6180e472288f2a0cb95fcd6fd |
| .data |
4608 |
76db6e73b9252fb6364ca6bcd257441c |
| .rsrc |
1536 |
1ac031562a3808619ebc2f71ca514316 |
| .reloc |
7680 |
f6304ab440264eb97ce06c3c43178cb1 |
| .text |
186880 |
0715e91c05475161045adfc2feeee0b8 |
| .text |
186880 |
9abda0714a5be8f0638e5222d7dba9b1 |
| .text |
186880 |
0d4cf820995a47c95264a283f4bd73cf |
| .text |
186880 |
9089bd30177c7628217eee9170b658b8 |
| .text |
186880 |
34f45fba24f6aeb87fc42af5e985ad44 |
| .text |
186880 |
d434e55e85f72086e86439bb5e8591e0 |
| .text |
186880 |
3edf5cfa6f387ef4a2b114eaa531d127 |
| .text |
166400 |
480726d2ccb04cb3dffa50fe8ca05d78 |
