How to remove KysqWurKSPhC.exe

» File
File Details
Overview
Analysis

KysqWurKSPhC.exe

The module KysqWurKSPhC.exe has been detected as Trojan.LoadMoney

Remove KysqWurKSPhC.exe

File Details

Main Info:

Product Name:	SvcHost Service Host
MD5:	07a0f9558a696a5964b74ebeb2d0c491
Size:	2 MB
First Published:	2017-05-24 12:03:13 (6 years ago)
Latest Published:	2018-10-26 08:12:09 (5 years ago)

Analysis:

Status:	Trojan.LoadMoney (on last analysis)
Analysis Date:	2018-10-26 08:12:09 (5 years ago)

Overview

Digital Signature

Signed By:	"Strong Media Plus" LTD
Status:	Valid

Common Places:

%windir%\microsoft

%localappdata%\temp

%windir%

File Names:

svchost.exe

KysqWurKSPhC.exe

enRmuc1EJ7IK.exe

svchost.exe.quarantined

kfGHkf2GoU37.exe

uIsAKr9U3mlM.exe

C4BkPKsMjv4N.exe

bvjrKhsqqAE1.exe

PJnTxN9ZZ14r.exe

2Xk1MutUyzue.exe

YY8iom00AF5n.exe

djwmitpnos.tmp

svchost.exe.update.exe

Geography:

	28.4%
	25.3%
	12.6%
	8.4%
	3.2%
	3.2%
	3.2%
	2.1%
	2.1%
	2.1%
	2.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%
	1.1%

OS Version:

Windows 10	48.4%
Windows 7	42.1%
Windows 8.1	5.3%
Windows XP	3.2%
Windows 8	1.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x000336d5

PE Sections:

Name	Size of data	MD5
.text	294400	e3bf26fe263862c33c0dd2bbcafc6da5
.rdata	69120	c7f6fac0dbfdaa17f43255831684f781
.data	2157568	a2b7ab2e6fc54e3445e46a6f5f22070f
.rsrc	1536	1181e3b4ca9cbbf8e320fadd9cf3081a
.reloc	28160	4b6e79f4bb3f1517df3db0b1f612a73b

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for KysqWurKSPhC.exe

copyright for information about KysqWurKSPhC.exe

How to remove KysqWurKSPhC.exe

KysqWurKSPhC.exe

The module KysqWurKSPhC.exe has been detected as Trojan.LoadMoney

File Details

Main Info:

SvcHost Service Host

Analysis:

Overview

Digital Signature

Common Places:

Geography:

OS Version:

Analysis

PE Info:

PE Sections:

More information: