How to remove PSFTP.EXE
PSFTP.EXE
The module PSFTP.EXE has been detected as Trojan.Emotet
File Details
| Product Name: | PuTTY suite |
| Company Name: | Simon Tatham |
| MD5: | 143f8325c47b20af252a540cab39bd98 |
| Size: | 616 KB |
| First Published: | 2018-08-04 05:09:18 (6 years ago) |
| Latest Published: | 2018-08-06 07:11:54 (6 years ago) |
| Status: | Trojan.Emotet (on last analysis) | |
| Analysis Date: | 2018-08-06 07:11:54 (6 years ago) |
Overview
| Signed By: | Simon Tatham |
| Status: | Valid |
Common Places:
| %programfiles% |
| %programfiles%\matlab\r2017b\toolbox\idelink\foundation |
| %sysdrive%\filehistory\jifwhite\jifwhite-pc\data\$of\30845\30849 (2018_05_21 01_54_15 utc).zip\toolbox\target\supportpackages\shared_linuxservices\resources |
| %profile%\downloads\mathworks\supportpackages\r2018a\archives\win64\hardwaresupportpkgs\targets\shared_linuxservices_win64_1517957220.zip\toolbox\target\supportpackages\shared_linuxservices\resources |
File Names:
| psftp.exe |
| PSFTP.EXE |
Geography:
| Canada | 40.0% | |
| Taiwan | 40.0% | |
| United States | 20.0% |
OS Version:
| Windows 10 | 80.0% | |
| Windows 8.1 | 20.0% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x00049c18 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 432640 | f79c4e1773d3ba2c9b1a7529cea9a8f5 |
| .rdata | 151552 | 9e45c1a8464bb6b21d56483b1e7b45f8 |
| .data | 6144 | 406e855c36ef8bde4ee0f6b09499e655 |
| .pdata | 17920 | f5359583cdf4a51d9b9589aceb95134e |
| .rsrc | 5632 | f4968dd3bf6c673cfdc337cae6860de8 |
| .reloc | 4096 | cfa4ea8ddf191d72b3e48048a19cf6e8 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for PSFTP.EXE
