How to remove LSASecretsDump.exe

LSASecretsDump.exe

The module LSASecretsDump.exe has been detected as Virtool.Presenoker

LSASecretsDump.exe
Remove LSASecretsDump.exe

File Details

Product Name:

LSASecretsDump
Company Name:

NirSoft
MD5: 47ac4697c6d587ae9d319cf32c68174c
Size: 10 KB
First Published: 2017-05-22 11:23:17 (7 years ago)
Latest Published: 2024-05-11 23:00:52 (a year ago)
Status: Virtool.Presenoker (on last analysis)
Analysis Date: 2024-05-11 23:00:52 (a year ago)

Common Places:

%desktop%\lock\security\nir soft\nirsoft
%desktop%\lock\001 a my tools\nir soft\nirsoft
%sysdrive%\system tools\nirlauncher\nirlauncher.package.1.19.97\nirsoft
%profile%\downloads\nirsoft_package_1.20.2\nirsoft
%localappdata%\microsoft\windows\inetcache\ie\8kkbgkhc\nirsoft_package_1.20.5[1].zip\nirsoft
%profile%\downloads\ns\nirsoft_package_1.19.118\nirsoft_package_1.19.119.zip\nirsoft
%profile%\downloads\ns\nirsoft_package_1.19.118.zip\nirsoft
%desktop%\nirsoft\nirsoft_package_1.19.119.zip\nirsoft
%desktop%\nirsoft\nirsoft_package_1.19.119\nirsoft
%profile%\downloads\ns\nirsoft_package_enc_1.19.107\nirsoft

File Names:

lsasecretsdump.exe
LSASecretsDump.exe
lsasecretsdump (1).exe
lsasecretsdump (2).exe
$RXB33HB.exe
A0212725.exe
A0014214.exe

Geography:

13.7%
10.8%
9.5%
4.9%
4.6%
4.2%
3.9%
3.9%
3.9%
3.6%
2.9%
2.6%
2.3%
2.3%
2.0%
1.6%
1.6%
1.6%
1.3%
1.3%
1.3%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
1.0%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.7%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%

OS Version:

Windows 10 62.3%
Windows 7 31.0%
Windows 8.1 3.9%
Windows XP 2.3%
Windows 8 0.6%

Analysis

Subsystem: Windows CUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00008ba0

PE Sections:

Name Size of data MD5
UPX0 0 00000000000000000000000000000000
UPX1 7680 e1590ea2fd281341de7879143aba7636
.rsrc 1536 23ff451ff72d5f9f7b3afd780fb39b1e

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for LSASecretsDump.exe
copyright for information about LSASecretsDump.exe